Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'd like to install a network tap on my network to monitor traffic. what package is best to perform this task? Is this the best way to install the tap?
firewall
Green interface --------> net tap -------> Router
well a network tap is a hardware doohickey, not software, you would make up a special network adapter which contains multiple wires on the TX ports on a certain interface. if you want to do it in software then you can run an app like wireshark on either box if they are running linux of windows
well a network tap is a hardware doohickey, not software, you would make up a special network adapter which contains multiple wires on the TX ports on a certain interface. if you want to do it in software then you can run an app like wireshark on either box if they are running linux of windows
Thanks, wireshark is what I use now. I know and read that it's hardware that can do it. I assumed that I can build a box and drop in 2 nics in it. One of the nics would be point a, and the other would be point b. You'd capture traffic between points a and b. There has to be some kind of software that would do this? In essence creating the tap, (network monitoring PORT). Network General has these boxes, I've seen them in production for upstream and downstream traffic. I'd like to build a linux version.
well that's a bridge. a tap is a 100% monitor only, at electrical signal level. if you install a box and just configure two nics with the kernel bridge module you'll basically have a 2 port switch. then you can just run wireshark against that single bridged interface, br0.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Installing a Network tap
