Snort mailing list archives
Promiscuous mode on only one interface
From: "Brei, Matt" <mbrei () medclaiminc com>
Date: Sat, 29 Mar 2003 17:36:58 -0500
Greetings, I am using snort 1.9.1 on Red Hat 8.0. The machine has 2 NICs, one for Internet and one for LAN, and is running an iptables script to route and firewall the connection to the Internet. Everything is working great, but I can't get snort to listen on both interfaces. I would like to see what snort picks up before the firewall has a chance to drop it. I'm not sure if it has anything to do with it, but eth0 (LAN) is the only of the two that runs in promiscuous mode. Any advice would be appreciated. Matt
Current thread:
- Promiscuous mode on only one interface Brei, Matt (Mar 29)
- Re: Promiscuous mode on only one interface Patrick S. Harper (Mar 29)