Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
Due to network maintenance being performed by our provider, LQ will be down starting at 05:01 AM UTC. The exact duration of the downtime isn't currently known. We apologize for the inconvenience.
|
 |
01-19-2013, 11:59 AM
|
#1
|
|
LQ Newbie
Registered: Jan 2013
Posts: 1
Rep: 
|
Bridged Network Sniffing
Hello Everyone,
This is my first post - be gentle.
I have a really frustrating problem that I've been fighting with for two days.
I have a client with a Mission Critical telephone system. The client has a PBX hosted in a data-center that's being maintained by the phone company.
My client needs to be able to do analytics of the call quality so that he can provide it to his customers. Easy peasy... Voipmonitor.org to the rescue.
Here's my solution:
[phones]---[switch]---[voipmonitor-server]---[router]---[internet]
To do this, I want to bridge two nics, and then packet sniff the bridge interface.
Here's what I've done (all as su)
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
ifconfig br0 192.168.15.1 up (this is the IP of the gateway)
echo 1 > /proc/sys/net/ipv4/ip_forward
Two things happen:
1. The phones will pass through the bridge, but get randomly disconnected. I plugged in my workstation onto this subnet, and the 192.168.15.1 gateway kept flipping between the admin console for VoipMonitor & the Cisco portal (so the gateways were getting messed up).
2. The server cannot access the internet or local network. I need to set up the server with a static IP so that I can forward port 80 to it and have a nice web interface from the domain. I can access the web interface by typing localhost into the browser of the server, and it works great, but I cannot do it from any other computer on the network. Likewise, I also need to be able to install Kaseya on it for alerts (but I can handle that :P)
I need the server to bridge the two NICs, packet sniff on br0, and have its own IP from the NIC so I can use the pretty web-based monitoring service Likewise, its for a mission critical business - so it has to be pretty reliable.
Could someone please help me? I'm somewhat of a novice with Linux - so please be gentle. Step by step guides would be helpful
Thanks everyone!
Last edited by thebusymind; 01-19-2013 at 12:02 PM.
|
|
|
|
|
01-19-2013, 08:24 PM
|
#2
|
|
Member
Registered: Nov 2012
Location: Bangalore
Distribution: Fedora & Ubuntu
Posts: 77
Rep: 
|
Quote:
|
Originally Posted by thebusymind;
[phones
---[switch]---[voipmonitor-server]---[router]---[internet]
To do this, I want to bridge two nics, and then packet sniff the bridge interface.
Here's what I've done (all as su)
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
ifconfig br0 192.168.15.1 up (this is the IP of the gateway)
echo 1 > /proc/sys/net/ipv4/ip_forward
Two things happen:
1. The phones will pass through the bridge, but get randomly disconnected. I plugged in my workstation onto this subnet, and the 192.168.15.1 gateway kept flipping between the admin console for VoipMonitor & the Cisco portal (so the gateways were getting messed up).
2. The server cannot access the internet or local network. I need to set up the server with a static IP so that I can forward port 80 to it and have a nice web interface from the domain. I can access the web interface by typing localhost into the browser of the server, and it works great, but I cannot do it from any other computer on the network. Likewise, I also need to be able to install Kaseya on it for alerts (but I can handle that :P)
I need the server to bridge the two NICs, packet sniff on br0, and have its own IP from the NIC so I can use the pretty web-based monitoring service Likewise, its for a mission critical business - so it has to be pretty reliable.
Could someone please help me? I'm somewhat of a novice with Linux - so please be gentle. Step by step guides would be helpful
Thanks everyone!
|
Hi TheBusyMind,
A few question from my side.
1) As per my undertanding, you have enabled n/w bonding in the server side.. Have you enable port grouping in s/w side? if no enable that first.
2) IP forwading itself will not help you to enable nating, after that only your local n/w host can access to the internet through server.
Code:
a) Save the current iptable rules using iptables-save, Ie iptables-save > /tmp/iptables-conf-date.
b) Then check the current config using.
iptables -t nat -L -n --line-number (This will list the nat table entry's with line number)
c) Flush the current rules in the filter and nat table using -F
iptables -t filter -F
iptables -t nat -F
c) Then forwarding and Masquerade
iptables -t nat -I nat 1 POSTROUTING -o eth2 -j MASQUERADE # I assume that eth2 is having the public ip and br0 is in private network
iptables -t filter -I FORWARD 1 -i br0 -j ACCEPT
d) After that enable logging in the table... so you will get better idea about what is happening in the host
For example I am enabling logging in the INPUT chain of filter table below.
iptable -t filter -I INPUT 1 -j LOG --log-level 4 # after that you can disable the logging by
iptable -t filter -D INPUT 1
PS:- Please provide the diagram with the details, so people can help you more on this.
Resources
https://access.redhat.com/knowledge/...rk-bridge.html
http://www.kernel.org/doc/Documentat...ng/bonding.txt |
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 05:21 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
