internet == [:eth0 router eth1:] == ids sensor (192.168.0.0/16)
[ eth2:] == clients (10.0.0.0/8)
so far it's a router which routes (nat) packets between external network and clients. i added ids sensor to eth1 interface and would like incoming packets on eth0 interface to be duplicated to eth1 so that ids sees them.
Get the ROUTE extension from patch-o-matic-ng and use the --tee option.
-- Philip Craig - SnapGear, A CyberGuard Company - http://www.SnapGear.com
