Hello List,

right now we have a "flat" network (one subnet): 192.168.0.1-100 and 192.168.0.101-254. Those two network segments are connected by a bridged Linux box. Not filtering at this point. It's just a switch really.

Now we would like to keep the "flat" network for some good reasons and replace the Linux bridge with a bridged firewall (physdev match). Since I don't want to break the network with its functionality, I thought of capturing the current traffic for some time and checking out the IPs, ports, etc. which are being used. Like the learning mode grsecurity has. (I actually find this a very cool idea! ;-) )

Based on the captured information I would like to create my firewall rules with firewallbuilder. I know I have to check the captured rules well to make sure I don't implement a hole in my firewall setup!

Is there a way or project to capture my firewall requirements? I guess I basically need all SYN flags and their DEST ports? How can I get them easily out of the massive traffic each day?

Do you need more info? Any ideas are welcome!

Thanks,
Mario

--
ubuntu-server mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
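An added example, not part of the original post: one way to reduce a day of captured SYNs to the list of flows that actually cross the bridge, so each can be reviewed before it becomes a rule. It assumes `tcpdump -nn` text output taken on the bridge; the sample lines, the segment labels A/B and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of `tcpdump -nn` text output (not from a real network).
# Assumed capture filter: 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn'
SAMPLE = """\
09:00:01.000001 IP 192.168.0.10.51234 > 192.168.0.150.22: Flags [S], seq 1, win 29200, length 0
09:00:01.000300 IP 192.168.0.150.22 > 192.168.0.10.51234: Flags [S.], seq 9, ack 2, win 28960, length 0
09:00:02.000001 IP 192.168.0.10.51240 > 192.168.0.150.22: Flags [S], seq 5, win 29200, length 0
09:00:03.000001 IP 192.168.0.120.40000 > 192.168.0.5.445: Flags [SEW], seq 7, win 29200, length 0
09:00:04.000001 IP 192.168.0.20.40100 > 192.168.0.30.80: Flags [S], seq 8, win 29200, length 0
""".splitlines()

# "[S]" is a bare SYN (new connection); "[S.]" is a SYN-ACK reply and is skipped.
# "[SEW]" is a SYN that also negotiates ECN, so it still counts.
SYN_LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.\d+ > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[S[EW]*\]")

def segment(ip):
    """Side of the bridge, using the host ranges given in the post."""
    prefix, _, last = ip.rpartition(".")
    if prefix != "192.168.0":
        return None
    host = int(last)
    if 1 <= host <= 100:
        return "A"
    if 101 <= host <= 254:
        return "B"
    return None

def learn(lines):
    """Count connection attempts per (src, dst, dport) that cross the bridge."""
    flows = Counter()
    for line in lines:
        m = SYN_LINE.search(line)
        if not m:
            continue
        src, dst, dport = m.group(1), m.group(2), int(m.group(3))
        a, b = segment(src), segment(dst)
        if a is None or b is None or a == b:
            continue  # same-side traffic never needs a rule on the bridge
        flows[(src, dst, dport)] += 1
    return flows

def summarize(flows):
    """Most frequent flows first, as (src, dst, dport, hits) rows for review."""
    return sorted(((s, d, p, n) for (s, d, p), n in flows.items()),
                  key=lambda r: (-r[3], r[:3]))

if __name__ == "__main__":
    for src, dst, port, hits in summarize(learn(SAMPLE)):
        print(f"{hits:6d}  {src} -> {dst} tcp/{port}")
```

This covers TCP only; UDP and ICMP have no SYN and need a separate tally. Rare flows in the summary deserve the closest look before they are turned into allow rules.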
