[OpenIndiana-discuss] Configuring span ports on oi151
James Carlson
carlsonj at workingcode.com
Tue Nov 8 12:39:19 UTC 2011
Jonathan Loran wrote:
> Why not something like this:
>
> mkfifo /tmp/spanout-pipe
> tcpdump -i bridgename0 -s0 -w /tmp/spanout-pipe &
> cat /tmp/spanout-pipe | ssh ids-system "snort-etc-capture"
Ew. I like it. :-/
For what it's worth, you could get rid of the named pipe:
tcpdump -i bridge0 -s0 -w /dev/stdout | ssh ids "snort-etc-capture"
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the OpenIndiana-discuss
mailing list