RE: newbe question - roo with 2 network nterfaces

["Michael A. Davis" <mike () datanerds net>]

You need to give the interface an IP and enable arp (bridging disables
arping on the itnerface) on the interface

ifconfig eth1 IP netmask NETMASK +arp

Should do it.

Thanks,
Michael A. Davis
Chief Executive Officer
Savid Technologies, Inc.
Main: 708.243.2850
http://www.savidtech.com

This email may contain confidential and privileged information for the sole
use of the intended recipient. Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact
the sender and delete all copies of this message.

> -----Original Message-----
> From: Jayson Anderson [mailto:sonick () sonick com] 
> Sent: Monday, August 29, 2005 4:45 PM
> To: honeypots () securityfocus com; uti-r () web de
> Subject: Re: newbe question - roo with 2 network nterfaces
>
> Can you guarantee that the interface is not transmitting or 
> is it being perceived as not transmitting ? IE: you can run 
> tcpdump on the IP interface in question, and traffic that is 
> supposed to be sourced from the interface in fact is not 
> transmitted at all ? Best to verify this using targets on the 
> same IP subnet / broadcast domain to eliminate routing 
> changes/problems. Need to know whether the problem is real or 
> perceived prior to further troubleshooting; lots of things 
> can happen when Layer 2 participation changes and spanning 
> tree is brought into the equation. 
>
> Jayson
>
> On Mon, 2005-08-29 at 13:56 +0200, uti-r () web de wrote:
> > Hi,
> >
> > isn't there any change to make  ethx sending or recieving 
> packages, while it is used for bridging? 
> > I changed iptables rules, but that wasn't the matter.
> > So what is blocking the nic?
> >
> > Uta
> >
> > JJ <joris.janssen () village uunet be> schrieb am 26.08.05 17:39:47:
> > > Have a look at
> > >
> > > https://bugs.honeynet.org/show_bug.cgi?id=350
> > >
> > >
> > >
> > > JJ.
> > >
> > >
> > >
> > > uti-r () web de wrote:
> > >
> > > > Hi all,
> > > >
> > > > I am running a roo honeywall in bridge mode and it is 
> bridging well. 
> > > > Unfortunately I just have 2 network interfaces, and I 
> need to run the management interface and ntp requests on the 
> internal interface (eth1), which belongs to br0.
> > > > -----------------br0-----------------
> > > > |                                                       
>                            
> > > > | |
> > > > external  eth0                                        
> internal eth1  - - -    ntp-Server,
> > > >                                                         
>                                               HwManager,
> > > >                                                         
>                                               
> > > > and some Honeypots
> > > >
> > > > HwMANAGER and HwTIME_SVR are configured with the right IPs. 
> > > > HwMANAGE_IFACE = br0 HwMANAGE_IP and corresponding 
> netmask  are set. A gateway is not necessary, because is is 
> in the same net. HwRESTRICT is enabled.  
> > > > But if I start the honeywall with /usr/local/bin/hwctl 
> -s -p /etc/honeywall.conf, br0 is not assigned with MANAGE_IP 
> as it is said in the comment. ???
> > > > I manually configured br0  (ifconfig br0 IP broadcast 
> netmask). I can only ping my own IP. Pinging e.g. the 
> ntp-Server IP I have 100% packed loss.
> > > > I tryed both ROACHMOTEL enabled an disabled, without any 
> effect on the result.
> > > > Walleye is running correctly. Once I changed HwLAN_IFACE 
> and HwINET_IFACE to br0 and configured eth1 manually as a 
> management interface.  As a result honewall was not bridging 
> anymore, but I had access on Walleye and ntpdate worked as well. 
> > > > eth1is in promiscuous mode, but that shouldn't be the 
> reason for not sending, is it?
> > > > Are there any firewall rules that are discarding icmp traffic?
> > > >
> > > > If no idea what to do now.
> > > > Bye and thanks for your answers,
> > > > Uta
> > ___________________________________________________________________
> > > > ______ Mit der Gruppen-SMS von WEB.DE FreeMail können 
> Sie eine SMS 
> > > > an alle Freunde gleichzeitig schicken: 
> > > > http://freemail.web.de/features/?mc=021179
> > > >
> > > >
> > > >
> > > >
> > > >  
> ______________________________________________________________________
> > ___ Mit der Gruppen-SMS von WEB.DE FreeMail können Sie eine SMS an 
> > alle Freunde gleichzeitig schicken: 
> > http://freemail.web.de/features/?mc=021179