10-06-2008
Setting up port mirroring on LINUX
Hello everyone.
I am supposed to configure port mirroring on Linux (the LAN traffic needs to be routed to the other interface and passed a copy to network monitoring software):
eth0 - connected to local traffic
eth1 - connected to the Internet
The machine is running CentOS v4.4 (Server edition).
Did anyone have experience with this (either doing it at work or home)?
Thx a bunch!
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
How can I switch the port which SSH listens on? (1 Reply)
Discussion started by: Spetnik
1 Replies
2. UNIX for Dummies Questions & Answers
I have a piece of equipment, a Baytech RPC-3, that I need to communicate with through the com port.
I normally use this equipment at home and am able to connect to it without problems using FC5 and minicom; I brought the equipment into work and cannot get my pc, using Suse 10 and minicom to... (0 Replies)
Discussion started by: thumper
0 Replies
3. IP Networking
Hi all, one of my Sun Box facing the problem.
The network port i had set to Auto-Negotiated and i had edited the /etc/system/ file in the Sun box as below:
set hme:hme_adv_autoneg_cap=1
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=0
But when i checked the /var/adm/messages/, it... (0 Replies)
Discussion started by: AirWalker83
0 Replies
4. Shell Programming and Scripting
hi
How can I set an account so that it expires at a particular date? (6 Replies)
Discussion started by: tjay83
6 Replies
5. UNIX for Advanced & Expert Users
Hi,
Someone told me how to check the remote switch port's speed setting on the other end of the cable, from linux. I forgot it.
Anyone knows? I checked dmesg, ethtool (haven't checked this out thoroughly) , no luck.
thanks,
Marc (1 Reply)
Discussion started by: marcpascual
1 Replies
6. IP Networking
Hello,
I want to add a port in the firewall exception list so that my application can be accessed over network even if firewall is disabled. I am using iptables command to add exception.
The problem is, after setting the rule if I change the firewall setting i.e. on/off then it is overwriting... (1 Reply)
Discussion started by: senrooy
1 Replies
7. UNIX for Dummies Questions & Answers
Dear Administrators and Moderators,
Normally I use Windows for browsing net, but few days back my pc was affected with virus.
One of my friend suggested me to use Linux for safe browsing.
I would like to know
1. I have Mandrake 8.2(HDD) and Obuntu 9.x(CD) - which one is better (have limited... (1 Reply)
Discussion started by: kesari
1 Replies
8. Solaris
please find the below o/p for your reference
bash-3.00# fcinfo hba-port
HBA Port WWN: 21000024ff295a34
OS Device Name: /dev/cfg/c2
Manufacturer: QLogic Corp.
Model: 375-3356-02
Firmware Version: 05.03.02
FCode/BIOS Version: BIOS: 2.02; fcode: 2.01;... (3 Replies)
Discussion started by: sb200
3 Replies
9. Red Hat
I have 1 serial port (9 Pin) attached with my Linux server.If I give
$dmesg | grep tty , it provides me the following.
ttyS0 and ttyS1.
I have 1 COM port with my server mother board. I have 1 customized application
that requires this COM port to be used.
The parameter to be set for COM port... (4 Replies)
Discussion started by: Anjan Ganguly
4 Replies
10. Red Hat
I am trying to change the setting of serial port baud rate in Red Hat Linux 5.9 by the following command.
>> stty 9600 cs8 -parenb -ixon -cstopb -echo -F /dev/ttyS0
The serial port will be used by our custom application in 2 separate servers which are the replica of one another.
The port setting... (2 Replies)
Discussion started by: Anjan Ganguly
2 Replies
LEARN ABOUT CENTOS
tc-matchall
Match-all classifier in tc(8) Linux Match-all classifier in tc(8)
NAME
matchall - traffic control filter that matches every packet
SYNOPSIS
tc filter ... matchall [ skip_sw | skip_hw ] [ action ACTION_SPEC ] [ classid CLASSID ]
DESCRIPTION
The matchall filter allows to classify every packet that flows on the port and run a action on it.
OPTIONS
action ACTION_SPEC
Apply an action from the generic actions framework on matching packets.
classid CLASSID
Push matching packets into the class identified by CLASSID.
skip_sw
Do not process filter by software. If hardware has no offload support for this filter, or TC offload is not enabled for the inter-
face, operation will fail.
skip_hw
Do not process filter by hardware.
EXAMPLES
To create ingress mirroring from port eth1 to port eth2:
tc qdisc add dev eth1 handle ffff: ingress
tc filter add dev eth1 parent ffff:
matchall skip_sw
action mirred egress mirror
dev eth2
The first command creats an ingress qdisc with handle ffff: on device eth1 where the second command attaches a matchall filters on it that
mirrors the packets to device eth2.
To create egress mirroring from port eth1 to port eth2:
tc qdisc add dev eth1 handle 1: root prio
tc filter add dev eth1 parent 1:
matchall skip_sw
action mirred egress mirror
dev eth2
The first command creats an egress qdisc with handle 1: that replaces the root qdisc on device eth1 where the second command attaches a
matchall filters on it that mirrors the packets to device eth2.
To sample one of every 100 packets flowing into interface eth0 to psample group 12:
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: matchall
action sample rate 100 group 12
SEE ALSO
tc(8),
iproute2 21 Oct 2015 Match-all classifier in tc(8)