Date: Thu, 1 Jul 1999 18:23:17 +0300 From: Ruslan Ermilov <ru@FreeBSD.ORG> To: "Oles' Hnatkevych" <gnut@fc.kiev.ua> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: network dumper - dumping hub Message-ID: <19990701182317.A60590@relay.ucb.crimea.ua> In-Reply-To: <Pine.BSF.4.05.9907011759340.36354-100000@blend.fc.kiev.ua>; from Oles' Hnatkevych on Thu, Jul 01, 1999 at 06:01:36PM %2B0300 References: <Pine.BSF.4.05.9907011759340.36354-100000@blend.fc.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 01, 1999 at 06:01:36PM +0300, Oles' Hnatkevych wrote: > Hello! > > Is it possible to make FreeBSD box to pass ALL THE NETWORK TRAFFIC > from one ethernet card to another and back (fully transparently) > and also dump that traffic to the file? > > Thank you in advance. > > With best wishes, Oles' Hnatkevych, http://gnut.kiev.ua, gnut@fc.kiev.ua > Finance & Credit Banking Corporation, Kyiv, Ukraine. > Artema str. 60, +380 44 4906877 This feature is only available in 4.0-CURRENT, but could be easily backported to 3.2-STABLE (if you want, I could send you the patches): # cvs log -N -r1.560 LINT RCS file: /home/ncvs/src/sys/i386/conf/LINT,v description: ---------------------------- revision 1.560 date: 1999/02/22 18:19:57; author: des; state: Exp; lines: +6 -1 Add support for stealth forwarding (forwarding packets without touching their ttl). This can be used - in combination with the proper ipfw incantations - to make a firewall or router invisible to traceroute and other exploration tools. This behaviour is controlled by a sysctl variable (net.inet.ip.stealth) and hidden behind a kernel option (IPSTEALTH). Reviewed by: eivind, bde ============================================================================= You can then use tcpdump(1) or write a simple program that uses divert(4) socket to intercept and dump the traffic. And don't forget to send your beer to Dag-Erling Smorgrav <des@FreeBSD.org>! Cheers, -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990701182317.A60590>