[Snort-users] eth1 and eth2 Breaks Default Route

John Crain port123tcp at ...131...
Thu Jul 24 04:31:01 EDT 2003


Yeah, I did a sysctl -A, but did not see anything
related to promisc.

Any other ideas?

Thanks.

-John

--- Jacques <jbrierre at ...163...> wrote:
> did you query kernel parameter with sysctl?
> 
> -jacques.
> 
> Sorry... can't remember syntax
> 
> On Tuesday, July 22, 2003, at 04:18  PM, John Crain
> wrote:
> 
> > Dusty,
> >  
> > I just tested that on one of my boxen and it
> worked, sort of... The 
> > default route comes up a-ok, but when I do an
> ifconfig on the 
> > interface that is the sensor, there is no
> "PROMISC" notation. I put 
> > "PROMISC=yes" in ifcfg-eth1 file, but no luck. Did
> I type something 
> > wrong?
> >  
> > Thanks.
> >  
> > -John
> >
> > Dusty Hall <halljer at ...8709...> wrote:
> > John,
> >
> > Here's all I have in our eth1 startup file...
> >
> > cat /etc/sysconfig/network-scripts/ifcfg-eth1
> >
> > DEVICE=eth1
> > ONBOOT=yes
> > PROMISC=yes
> >
> > Later,
> >
> >
> > -Dusty
> >
> >
> > >>> John Crain 7/22/2003 2:57:20 PM >>>
> > There was a typo in the original message. The
> > correction follows:
> >
> > A buddy of mine asked the following question on
> > comp.os.linux.networking, but those folks don't
> fully
> > understand why an interface would want to be set
> to
> > 0.0.0.0/0. If anyone can shed some light on a fix,
> I'd
> > like to know. Here's the original question:
> >
> > I have Red Hat 9 on an X86 with three (3)
> interfaces
> > working as an IDS. eth0 is my management interface
> > with a live IP address. eth1 and eth2 both have
> their
> > IP addresses set to 0.0.0.0/0 for data collection.
> > All IP addresses are set in
> > /etc/sysconfig/network-scripts/ifcfg-eth?.
> >
> > When the box boots up my default route is shot
> through
> > eth2 (should be eth0) even though I have my
> GATEWAY
> > keyword set to the gateway I want. The following
> are
> > my ifcfg-eth? entries:
> >
> > /etc/sysconfig/network-scripts/ifcfg-eth0
> > DEVICE=eth0
> > onfiltered=yes
> > BOOTPROTO=static
> > IPADDR=1.2.3.4
> > NETMASK=255.255.255.0
> > GATEWAY=1.2.3.1
> >
> > /etc/sysconfig/network-scripts/ifcfg-eth1
> > DEVICE=eth1
> > BOOTPROTO=static
> > BROADCAST=255.255.255.255
> > IPADDR=0.0.0.0
> > NETMASK=0.0.0.0
> > NETWORK=0.0.0.0
> > onfiltered=yes
> > GATEWAY=1.2.3.1
> >
> > /etc/sysconfig/network-scripts/ifcfg-eth2
> > DEVICE=eth2
> > BOOTPROTO=static
> > BROADCAST=255.255.255.255
> > IPADDR=0.0.0.0
> > NETMASK=0.0.0.0
> > NETWORK=0.0.0.0
> > onfiltered=yes
> > GATEWAY=1.2.3.1
> >
> > I added "GATEWAY=1.2.3.1" to ifcfg-eth1 and
> ifcfg-eth2
> > to see if that would fix things. It doesn't...
> >
> > Q1: How do I get the system to recognize the
> proper
> > gateway as specified in ifcfg-eth0?
> > Q2: Is there a way to tell an interface to boot in
> > promiscous mode? I'm thinking there is a keyword
> that
> > can be placed in ifcfg-eth?, but I can't find any
> > reference to that...
> >
> > __________________________________
> > Do you Yahoo!?
> > The New Yahoo! Search - Faster. Easier. Bingo.
> > http://search.yahoo.com
> >
> >
> >
>
-------------------------------------------------------
> > This SF.net email is sponsored by: VM Ware
> > With VMware you can run multiple operating systems
> on a single
> > machine.
> > WITHOUT REBOOTING! Mix Linux / Windows / Novell
> virtual machines at
> > the
> > same time. Free trial click here:
> http://www.vmware.com/wl/offer/345/0
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or
> unsubscribe:
> >
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> >
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> >
> >
> <image.tiff>
> >
> > Do you Yahoo!?
> > The New Yahoo! Search - Faster. Easier. Bingo.


__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com




More information about the Snort-users mailing list