Bridged Network Sniffing
This is my first post - be gentle.
I have a really frustrating problem that I've been fighting with for two days.
I have a client with a Mission Critical telephone system. The client has a PBX hosted in a data-center that's being maintained by the phone company.
My client needs to be able to do analytics of the call quality so that he can provide it to his customers. Easy peasy... Voipmonitor.org to the rescue.
Here's my solution:
To do this, I want to bridge two nics, and then packet sniff the bridge interface.
Here's what I've done (all as su)
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
ifconfig br0 192.168.15.1 up (this is the IP of the gateway)
echo 1 > /proc/sys/net/ipv4/ip_forward
Two things happen:
1. The phones will pass through the bridge, but get randomly disconnected. I plugged in my workstation onto this subnet, and the 192.168.15.1 gateway kept flipping between the admin console for VoipMonitor & the Cisco portal (so the gateways were getting messed up).
2. The server cannot access the internet or local network. I need to set up the server with a static IP so that I can forward port 80 to it and have a nice web interface from the domain. I can access the web interface by typing localhost into the browser of the server, and it works great, but I cannot do it from any other computer on the network. Likewise, I also need to be able to install Kaseya on it for alerts (but I can handle that :P)
I need the server to bridge the two NICs, packet sniff on br0, and have its own IP from the NIC so I can use the pretty web-based monitoring service Likewise, its for a mission critical business - so it has to be pretty reliable.
Could someone please help me? I'm somewhat of a novice with Linux - so please be gentle. Step by step guides would be helpful
Last edited by thebusymind; 01-19-2013 at 12:02 PM.