If there is no address translation in the routing process then you
should have alias interfaces for those IPs which you want to listen
on.
For instance if the 192.168.1.0/24 network is redirected to your
computer then you should use a command like this:
$ for i in `seq 2 254`; do sudo ip addr add 192.168.1.$i/24 brd + dev eth0; done
(or something :) )
In this case when nepenthes listens on 0.0.0.0 then it means it listen
on the alias IPs as well.
If there is address translation in the routing then those packet
should have your IP as their destination IP and then it should work.
If you don't know you can check it with tcpdump.
I hope I helped.
Good luck!
Geri
2009/4/18 Viktor <gecko003 (at) gmail (dot) com [email concealed]>:
> Hello!
>
> I'm running nepenthes on a debian OS at an universiry network with a fix IP. I managed to get a high number of unused IP addresses from the university network administrator, all traffic from these are routed to my computer. Now i'm having 200 packet/s income rate, but nepenthes only looks for the traffic addressed to my own IP. Is there a way to make nepenthes listening for all incoming packets despite the packet destination IP is not mine?
> I have a lot of IPs, and they are random, changing every time, so it's not an option to give alternate IPs to my interface.
>
> Thanks in advance!
>
> Viktor
>
>
If there is no address translation in the routing process then you
should have alias interfaces for those IPs which you want to listen
on.
For instance if the 192.168.1.0/24 network is redirected to your
computer then you should use a command like this:
$ for i in `seq 2 254`; do sudo ip addr add 192.168.1.$i/24 brd + dev eth0; done
(or something :) )
In this case when nepenthes listens on 0.0.0.0 then it means it listen
on the alias IPs as well.
If there is address translation in the routing then those packet
should have your IP as their destination IP and then it should work.
If you don't know you can check it with tcpdump.
I hope I helped.
Good luck!
Geri
2009/4/18 Viktor <gecko003 (at) gmail (dot) com [email concealed]>:
> Hello!
>
> I'm running nepenthes on a debian OS at an universiry network with a fix IP. I managed to get a high number of unused IP addresses from the university network administrator, all traffic from these are routed to my computer. Now i'm having 200 packet/s income rate, but nepenthes only looks for the traffic addressed to my own IP. Is there a way to make nepenthes listening for all incoming packets despite the packet destination IP is not mine?
> I have a lot of IPs, and they are random, changing every time, so it's not an option to give alternate IPs to my interface.
>
> Thanks in advance!
>
> Viktor
>
>
[ reply ]