Bridging works on OSI levels 1 & 2, IP is a level 4 protocol, so IP services - not so much. I'm not sure what can be done with snort, no experience with it.

- Regards, Nick

On Fri, Jun 26, 2015 at 6:51 AM, Robin Kipp <[email protected]> wrote:
> Hi all,
> I just successfully installed Debian 8 on a Net6501. Basically, I’d like to
> use this device as a transparent network gateway between my computers /
> network appliances and the router. The reason I’d like to do this is to use
> an IDS system such as Snort for security purposes and to monitor certain
> aspects of my personal web traffic.
> To accomplish this, I’ve now configured a network bridge named br0 and added
> all of the ethernet interfaces as members. This seems to work pretty well as
> far as I can tell, I have eth0 hooked up to the router and my other machines
> connected to the 3 remaining ports. Of course, this means that the Net6501 is
> pretty much transparent now and does not, for example, show up as a gateway
> when running a traceroute command to an external host.
> I generally like this a lot and think it’s quite sensible to pass things like
> DHCP and NAT on to the router, rather than installing a separate DHCP server
> on the Net6501 and using iptables to NAT between the Soekris box and the
> router’s subnet. Since I’m doing this for the very first time, however, I’m
> wondering whether I’m on the right path, or if such a setup would impose
> certain limitations that I might not be aware of.
> For example, can I use a tool like Snort on the Net6501 and analyze all the
> traffic passing through the Net6501, or could I be facing any issues when
> doing this on a bridged network?
> Also, I’m guessing that with this approach, any routing / firewalling of
> traffic (e.g. by using iptables) is out of the question, right? For example,
> I would think that it’s probably not possible to use iptables to block
> traffic originating from certain IP addresses, or to route certain traffic
> through a configured VPN tunnel, etc…
> If any of you guys have more experience with network bridges, I’d be very
> happy if you could answer my questions and / or share your observations with
> me. Like I said I’m doing this for the first time, so there may well be
> things that I haven’t even thought of yet! :-)
> Thanks a lot!
> Robin
> _______________________________________________
> Soekris-tech mailing list
> [email protected]
> http://lists.soekris.com/mailman/listinfo/soekris-tech
