| sean finney on 16 Dec 2008 14:42:38 -0800 |
|
hiya, On Tue, Dec 16, 2008 at 02:37:19PM -0500, Chad V wrote: > I'm looking for some ideas on performing a network tap to capture all > or certain traffic on a LAN using Wireshark and time is at a premium. <snip> > My next idea is to plug the 1 unmanaged switch into the other, then > run a cable to NIC-1 on linux pc, then run cable from NIC-2 to router. > I believe this qualifies as a bridge. The server would just be > capturing traffic via wireshark and monitoring bandwidth used per > device with ntop. > PC & VoIP phone network ------------------- unmanaged > switch-----NIC1-----linux pc-----NIC2------FiOS router ------- > internet > PC & VoIP phone network ----- unmanaged switch----| > > Using google, I found this article on building a transparent bridge > with he ability to monitor traffic and I'll be following it later. note, if you're using debian (or perhaps a debian-derived distro), it's much easier than some of these more detailed tutorials would lead you to believe :) when i had to do it myself for network debugging, i recall the setup being pretty easy; something like: * apt-get installing bridge-utils * rtfm'ing bridge-utils-interfaces(5) * adding a br0 entry to /etc/network/interfaces * plug everything together and ifup'ing br0 sean Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|