iptables LOG on a Switch Mirror Port
 

Hi.

I have a Problem with iptables on a Mirror-Port on a Cisco c2950 Switch. The Switch has a Mirro (SPAN)-Port configured. On that Port is a Linux Server with SLES 8. If i start tcpdump on the Interface the Server give all Mirrored Packets out.
If i configured iptables to LOG all Traffic incomming on this Interface (iptables -A INUT -i eth1 -j LOG) and set the IF in Primiscous Mode (ifconfig eth1 promisc) the LOG contains only the Broadcast Treffic. But not the Unicast. The Interface it selfe has none IP-Address.

Greetings

Master D.