Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Redirect foo.

From: James Lay <jlay () slave-tothe-box net>
Date: Mon, 29 Aug 2011 05:53:02 -0600


On 8/28/11 4:05 PM, "Paul Halliday" <paul.halliday () gmail com> wrote:


I have a vm on a linux host. The host has one public address (eth0)
and numerous vm's listening on a single virtual interface (vm0).

I want to redirect all traffic to my vm (10.0.0.1) from eth0 w/o
leaking into other vms. I had originally planned on using daemonlogger
but I notice it is if1 -> if2. Maybe tcpreplay, iptables?
what I am looking for is eth0 -> 10.0.0.1

What are my options?

Thanks!
-- 
Paul Halliday
http://www.squertproject.org/



Paul,

Take a look at ebtables perhaps...should be able to redirect using MAC
addresses.

James



------------------------------------------------------------------------------
EMC VNX: the world's simplest storage, starting under $10K
The only unified storage solution that offers unified management 
Up to 160% more powerful than alternatives and 25% more efficient. 
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: