Curt Bousquet <(E-Mail Removed)> wrote in
news:Xns95A6D0170D221xyzzyxyzzy@216.196.97.142:
> Here is what I would like to build:
>
> A linux box with two interfaces that I could drop into any
> network, for example between the router and the switch, without
> needing to make any addressing changes.
>
> Once in place, I'd like to be able to use software like
> ethereal, GKrellm, MRTG or other traffic monitoring software to
> watch traffic by port, type, destination or source address, etc,
> etc, etc in realtime so I can monitor bandwidth usage and types
> of traffic at that point in the network.
>
> Just plugging a box into the switch wouldn't work, since I want
> to see ALL the traffic, not just stuff addressed to the boxe's
> interface or broadcast traffic...
>
> I've seen some devices that can be configured with
> 'transparant' IP addressing so traffic passes right through. How
> would I do this on, for instance, a Fedora box? Is there some
> kind of project that already exists that gives this kind of
> functionality?
>
> Thanks for any pointers.
Something tells me you have more curiosity than actual networking
knowledge.
Not that many years ago, many folks used hubs (before switches got cheap).
The downside of a hub is that everything plugged into it saw the same
collection of packets.
Now if you had one of these hubs and plugged into it your Linux box,
a cable going to the router, and a cable going to the switch, you could
place your single NIC into promiscuous read mode & see EVERY packet that
passes between the router & the switch.
I do believe this is an easier solution than what you proposed.
|
Similar Threads
Linear Mode
