Hi, I am a newbie to this all (advanced routing) but would like to know more :-) I have a situation where I would like to use tc or any tool to send all incoming (and perhaps outgoing) traffic not only to itsd destination but also past a ids snort box. The trouble is that my external interface to the internet is a pptp connection (ask my provider why) and thus the ppp0 device. This device is located on a linuxbox where a pptp connection is made to a adsl modem. The gateway masqeurades then to the internal private network. Normally I would set up the ids on a hub between the gateway and the modem, but since the connection goes over pptp snort can't see traffic. I do not want to make the gateway ids, because it is an old machine also web- serving. So I am wondering if I can somehow create something equal to a sniffer port on a switch and send all traffic comning in/out of ppp0 to an internal ip adress (where snort is). hope you can help me hc Theories come and go, the frog stays [F. Jacob] ------------------------------------------------------- Hans-Cees Speel http://www.hanscees.com pgp public key at http://www.hanscees.com/hcs.asc Editor "Journal of Memetics Evolutionary Models of Information Transmission" http://www.cpm.mmu.ac.uk/jom-emit submit papers to the new managing editors at w.m.dejong@tbm.tudelft.nl or mikeb@media.mit.edu
