[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] XCP 1.6 and Snort dom-U

To: xen-users@xxxxxxxxxxxxx
From: "Ryan Pugatch" <rpug@xxxxxxx>
Date: Tue, 2 Jul 2013 09:51:20 -0400
Delivery-date: Tue, 02 Jul 2013 13:52:33 +0000
Importance: Normal
List-id: Xen user discussion <xen-users.lists.xen.org>

Hi everyone,

I am trying to run Snort (under CentOS) in a dom-U under XCP 1.6.  I have
set up a pif which is connected to a Cisco switch that is in mirror mode
(SPAN port.)  I have assigned a vif to the Snort dom-U that is connected
to the SPAN port pif.  If I run a tcpdump on the pif on dom-0, I see all
traffic that is flowing through the network.  If I run the same on the vif
within the Snort dom-U, I don't see that traffic.  It seems to be that the
openvswitch is filtering the traffic.  I have set both the vif and pif to
promiscuous mode but have not been successful in getting the SPAN traffic
to pass to dom-U.

Has anyone been successfully able to do this?

Thanks,

Ryan


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

Prev by Date: Re: [Xen-users] Amazon EC2+Slackware 14(64 bit)
Next by Date: Re: [Xen-users] Xen 4.2.2 /etc/init.d/xendomains save and restore of domains does not work
Previous by thread: Re: [Xen-users] SPICE with Upstream QEMU and qxl VGA cause Windows BSOD
Next by thread: [Xen-users] Speed of hard disk from Host
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.