sniffing network traffic, linux server between firewall and router, only want http
I was hoping someone could help me out.
I have a switch with port monitoring on, that a firewall, router, and linux box are connected too. I cannot replace either the router or the firewall.
What i want to do is take a "snapshot" of what webpages are being accessed by ip. We are using a windows nt4 dns server, so i cannot just log dns requests. Or as far as i know i cant.
All i really want to do is just get a filter up there to dump the first part of web traffic.
anyone know a better/way to do this?