iptables
I'm looking to use Linux (Ubuntu 9.10) as a network bridge between two subnets. I can configure iptables to permit all traffic on eth0 (subnet 1) to pass to eth1 (subnet 2) but before transmitting that traffic I want to perform further analysis. Is it possible within iptables or via a third-party product such as pyroman, to write a "hook" that then directs that traffic to another application installed on the same host?
Thanks,
Doug
Student IMSS, University of Reading, UK
Basically a software network tap?
Thanks very much for your reply. Yes, but rather than direct to Snort or other Network Analyser I want to direct to a package called pyMVPA. I could capture the traffic using Snort, send to a MySQL database, complete any processing there and hook up pyMVPA to the database, but it would appear to add a lot of latency compared to getting the traffic directly into the application. Whilst I'm OK on IP (routing/switching etc) I've managed to spend 10 years in IT without having to programme or do much in the way of Linux, so I'm unsure what can/cannot be done.
Doug