Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
protalk2016-06-24 11:41:31
linux
protalk, 2016-06-24 11:41:31

How to configure linux server to receive mirrored traffic?

Please help me find a good article on setting up a linux server designed to receive, process and log mirrored traffic. Interested only in http-traffic, parsing and warehousing requests. I would like to understand well how to configure iptables so that tcp-acks do not get out and the handler application receives packets not directed to it. Traffic profile: requests from one host to another, each request creates its own connection.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
C
chupasaurus, 2016-06-24
@chupasaurus

1) Install ntop-ng
2)

iptables -P INPUT DROP
iptables -A INPUT -i ingress-mirror-интерфейс -p tcp --dport 80 -p ACCEPT
iptables -A INPUT -d ip-сервера -p ACCEPT
iptables -A INPUT -i lo -d 127.0.0.0/8 -p ACCEPT

repeat for iptables6 if necessary
2) ?????
3) PROFIT

Similar questions
R
rinaz222019-10-18 18:19:06
How to follow the link in the mobile version of the site only after the second click? 5Reply
V
Vitaliy Kybych2019-11-17 23:37:33
How to set up wifi adapter in VirtualBox? 4Reply
B
Boris Yakushev2016-09-01 19:12:38
Https to localhost ubuntu? 1Reply
D
Dmitry Potylitsyn2016-09-02 13:16:05
How to ensure security in the payment terminal on Windows OS? 1Reply
K
ksvdon2014-06-30 15:49:06
How to see which init daemon and which window system in linux? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question