Snort mailing list archives
Re: eth1 and eth2 Breaks Default Route
From: John Crain <port123tcp () yahoo com>
Date: Tue, 22 Jul 2003 14:18:16 -0700 (PDT)
Dusty, I just tested that on one of my boxen and it worked, sort of... The default route comes up a-ok, but when I do an ifconfig on the interface that is the sensor, there is no "PROMISC" notation. I put "PROMISC=yes" in ifcfg-eth1 file, but no luck. Did I type something wrong? Thanks. -John Dusty Hall <halljer () auburn edu> wrote: John, Here's all I have in our eth1 startup file... cat /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 ONBOOT=yes PROMISC=yes Later, -Dusty
John Crain
7/22/2003 2:57:20 PM >>> There was a typo in the original message. The correction follows: A buddy of mine asked the following question on comp.os.linux.networking, but those folks don't fully understand why an interface would want to be set to 0.0.0.0/0. If anyone can shed some light on a fix, I'd like to know. Here's the original question: I have Red Hat 9 on an X86 with three (3) interfaces working as an IDS. eth0 is my management interface with a live IP address. eth1 and eth2 both have their IP addresses set to 0.0.0.0/0 for data collection. All IP addresses are set in /etc/sysconfig/network-scripts/ifcfg-eth?. When the box boots up my default route is shot through eth2 (should be eth0) even though I have my GATEWAY keyword set to the gateway I want. The following are my ifcfg-eth? entries: /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 onfiltered=yes BOOTPROTO=static IPADDR=1.2.3.4 NETMASK=255.255.255.0 GATEWAY=1.2.3.1 /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 BOOTPROTO=static BROADCAST=255.255.255.255 IPADDR=0.0.0.0 NETMASK=0.0.0.0 NETWORK=0.0.0.0 onfiltered=yes GATEWAY=1.2.3.1 /etc/sysconfig/network-scripts/ifcfg-eth2 DEVICE=eth2 BOOTPROTO=static BROADCAST=255.255.255.255 IPADDR=0.0.0.0 NETMASK=0.0.0.0 NETWORK=0.0.0.0 onfiltered=yes GATEWAY=1.2.3.1 I added "GATEWAY=1.2.3.1" to ifcfg-eth1 and ifcfg-eth2 to see if that would fix things. It doesn't... Q1: How do I get the system to recognize the proper gateway as specified in ifcfg-eth0? Q2: Is there a way to tell an interface to boot in promiscous mode? I'm thinking there is a keyword that can be placed in ifcfg-eth?, but I can't find any reference to that... __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users --------------------------------- Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo.
Current thread:
- eth1 and eth2 Breaks Default Route John Crain (Jul 22)
- Re: eth1 and eth2 Breaks Default Route John Crain (Jul 22)
- RE: eth1 and eth2 Breaks Default Route Chris N. (Jul 23)
- RE: eth1 and eth2 Breaks Default Route John Crain (Jul 24)
- <Possible follow-ups>
- Re: eth1 and eth2 Breaks Default Route Dusty Hall (Jul 22)
- Re: eth1 and eth2 Breaks Default Route John Crain (Jul 22)
- Re: eth1 and eth2 Breaks Default Route Jacques (Jul 22)
- Re: eth1 and eth2 Breaks Default Route John Crain (Jul 24)
- Re: eth1 and eth2 Breaks Default Route Jacques (Jul 22)
- Re: eth1 and eth2 Breaks Default Route Dusty Hall (Jul 22)
- Re: eth1 and eth2 Breaks Default Route John Crain (Jul 24)
- RE: eth1 and eth2 Breaks Default Route Schmehl, Paul L (Jul 23)