[Mikrotik] Mikrotik Sniffing the Bridge

cyberdoc cyberdoc at astro.cmreynolds.org
Sun Jan 20 22:26:35 CST 2008


We are running a Mikrotik Bandwidth Control Unit (BCU) in a bridge mode, 
using simple queues to control the traffic management.  Our customers 
have a variety of pricing plans, and the BCU enforces the bandwidth.  We 
are running a Pentium III 800 MHz with Mikrotik OS 2.9.5x installed.  
The unit has three ethernet cards installed -- one for the tower, the 
other to the backhauls, and the third for administrative use.

Is there an easy way that I can configure the BCU to pump out the 
traffic on the bridge to the third network card?  I would like to be 
able to sniff this data, perhaps sending it to a SNORT box for review, 
or to NTOP to research the traffic on the network, or to Ethereal for 
packet inspection. 

Right now, I have the third card tied to the bridge, but I am not seeing 
a replica of the traffic that the other two cards are passing. 

I do have a test network available to try out your suggestions, and I 
will be most happy to report our success or failure.



More information about the Mikrotik mailing list