Date: Wed, 6 Jun 2001 17:05:53 -0400 From: Robin Woolard <RWoolard@NewWorldApps.com> To: "'freebsd-questions@FreeBSD.org'" <freebsd-questions@FreeBSD.ORG> Subject: OOB Nic as a second Nic for use with IDS Message-ID: <48F26311AF9C9943926CA0CD204BC2140C3F9D@nwa-srv-01.newworldapps.com>
next in thread | raw e-mail | index | archive | help
Hello, I have an IDS with 2 nic cards. I am trying to configure one of the nics without an ip address so that it can be the monitoring nic for my IDS (that would be fxp1). Both nics are the same type of nic. The problem I have been unable to solve is that the only traffic I can see on my monitoring interface (fxp1) is broadcast stuff - arp requests and nbt stuff. I have my test environment set up so that two interfaces from the IDS box are going to a hub (since hubs allow all traffic to be broadcast) along with my workstation. I am able to see all traffic going through using tcpdump on the interface with the ip address (fxp0). When I installed FreeBSD, one of the first things I had to do was choose my network adapter. I chose one because it didn't allow me to choose two (and the 2 nics are identical). Now, I could be wrong here but I don't think that the kernel needs to be recompiled with the second adapter because it is the same kind of nic and I am able to see broadcast traffic. Is this a correct assumption? I have added an entry for fxp1 in my rc.conf file. I can not find out the proper syntax for bringing this interface up with no ip address. Basically, my rc.conf entries are as follows: # -- sysinstall generated deltas -- # # Created: Mon Jun 4 11:53:04 2001 # Enable network daemons for user convenience. # This file now contains just the overrides from /etc/defaults/rc.conf # please make all changes to this file. defaultrouter="192.168.8.9" hostname="mojo.domain.com" ifconfig_fxp0="inet 192.168.8.10 netmask 255.255.255.0" ifconfig_fxp1= inetd_enable="YES" kern_securelevel_enable="NO" linux_enable="YES" moused_enable="YES" sendmail_enable="YES" sshd_enable="YES" usbd_enable="YES" Does anyone have any insight as to why fxp1 won't see any traffic besides broadcasts? I have tried to give fxp1 an ip address but I get the same results when it has an ip. I have been unable to find what I need in documentation. Thanks, R. Woolard rwoolard@newworldapps.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48F26311AF9C9943926CA0CD204BC2140C3F9D>