Packet filters

Andy Baran abaran1 at depaul.edu
Thu Jul 22 14:39:03 PDT 2004


This question sounds like it has an easy answer at first but please bear
with me.  I am going to set up a network tap to monitor network traffic
flows.  The machine will be running FreeBSD 4.10 and has two NICs.  One
interface will be used for management and the other will be to collect
the flows.  Obviously, security is a concern with a machine of this
nature so I need to set up a firewall on the management interface.
However, I need to be absolutely sure that the firewall will not be
handling any of the packets on the second interface.  I am well aware
that IPFW and IPF can both be set up to monitor only a specific
interface.  However, I'd like verification from someone familiar with
the code for either that the filter will not touch packets on the
interface being used as a tap.  My apologies if I'm posing this question
to the wrong list.  If I am, please let me know whom I should be asking.
Thanks in advance for any replies.


-----------------------------
+Andy Baran ................................... abaran1 at depaul.edu
+DePaul Computer Security Response Team http://security.depaul.edu
---------------------------

