Michael Schwendt writes:
> On Sat, 27 Dec 2003 12:55:42 -0600 (CST), Robert Brown wrote:
>
> > (wiping the egg off my face...)
> > I just looked at my older kernel update scripts, and indeed, I used
> > -ivh, *NOT* -Fvh as I did most recently. How did I miss that?
> >
> > So should I just go ahead an reinstall the 2.4.20-27.9 kernel again
> > over the old attemp, only using -ivh this time? That seems reasonable
> > to me. That -F just might have kept me from installing a file that I
> > needed...
>
> It won't change anything at this point. Both commands have installed
> the kernel package properly. Btw, you can verify that with
> "rpm -V kernel".
OK, then back to my original question: any ideas why tcpdump is not
working when an interface is in promiscuous mode? It seems to capture
packets with the interface's own ip address as either src or dst, and
also broadcast packets, but it misses other packets. The network
hardware setup is unchanged from before the 2.4.20-27.9 kernel was
installed, when tcpdump was working fine. I am using 2 nics, one on
my lan with a 192.168.1.* ip address, one on my dmz with no assigned
ip address, and one on my wild zone where the bridge to the internet
is. The lan and dmz are 10/100baseT hubs, and the wild is a 10baseT
half-duplex hub. The nics are nailed up appropriately in my
/etc/modules.conf file thusly:
alias eth0 8139too
alias eth1 8139too
alias eth2 8139too
options 8139too 0x100,0x100,0x10
The use of hubs and half-duplex rather than switches and full-duplex
is required for the NIDS to see all the packets.
--
-------- "And there came a writing to him from Elijah" [2Ch 21:12] --------
R. J. Brown III rj@xxxxxxxxxxx http://www.elilabs.com/~rj voice 859 567-7311
Elijah Laboratories Inc. P. O. Box 166, Warsaw KY 41095 fax 859 567-7311
----- M o d e l i n g t h e M e t h o d s o f t h e M i n d ------
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
