Network TAP advice


Hi, I am about to upgrade an OBSD Firewall to OBSD-5.7 and am thinking
about implementing a network tap into the rebuild for an ids. The
current firewall doesn't contain a network bridge so I am slightly
unsure about how to achieve this as the tutorials I have found expect me
to have a filtering bridge. I am just using pf with rdr-to and relayd.

Could I just create a 'single' interface bridge on each leg of my
firewall and add a spanport?

    ifconfig bridge0 create
    ifconfig bridge0 add em0        # Internet line
    ifconfig bridge0 addspan em2    # My 1st Spanport nic
    ifconfig bridge0 up

The firewall actually has a trunk with the multiple vlans, I don't think
this will make a difference but thought it would be worth mentioning
just in case.

Any advice / pointers to tutorials would be appreciated.