1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SPAN port

Discussion in 'Tomato Firmware' started by rs232, Aug 14, 2010.

  1. rs232

    rs232 Network Guru Member

    Is it technically possible to SPAN an Ethernet port on the current AP hardware technology? (for sniffing/troubleshooting)

    Sometime I get lot of traffic in/out the internet and plugging a sniffer would really help but due to the switching nature I can see only traffic from/to the sniffer box.

    Cheers
    rs232
     
  2. humba

    humba Network Guru Member

    A few people have experimented with iptable commands to mirror traffic.. you should find them in this very subforum.
    However, nothing really replaces the good old switch with span port.
     
  3. rhester72

    rhester72 Network Guru Member

    Code:
    # iptables -j ROUTE --help
    ...
    
    ROUTE target v1.11 options:
        --oif       ifname          Route packet through `ifname' network interface
        --iif       ifname          Change packet's incoming interface to `ifname'
        --gw        ip              Route packet via this gateway `ip'
        --continue                  Route packet and continue traversing the
                                    rules. Not valid with --iif or --tee.
        --tee                       Duplicate packet, route the duplicate,
                                    continue traversing with original packet.
                                    Not valid with --iif or --continue.
    
    You're looking for --tee. :)

    Rodney
     

Share This Page