Hi.

I have a firewall with 2 interfaces. I ran Linux on it, configured with iproute and iptables. It has a 32 Mbit uplink, and it tries ;) to protect ~300 users from general threats. I filter on both interfaces, because our LAN is frequently infected with viruses.

I need to run at least one program which outputs minimal information on the connections which are passed through, so I need a special interface - something that works like lo - because I want to relieve the network accounting of filtered-out packets (and I want to be able to deploy Snort too ;)

Because of this, lately it caused some overhead in the accounting daemon (it consumed a lot of CPU, then stopped) when we were DDoS-ed ;)

I can accept a solution where the machine routes the packets twice, so I can run my programs on a middle interface.

---
Sorry for my bad English...

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/