arthurlutz

Espressobin transparent monitoring switch - Ethernet bridge

I am running armbian 5.44 testing Debian GNU/Linux 9 (stretch) 4.14.40-mvebu64 on the espressobin and quite enjoy the default setting of plugging it into my network without having to change anything (no changes to DHCP, routing, existing firewall and port redirection settings), but I have no way of introspecting the network like I would like.

My project is to have a monitoring device on my home network that then helps me set up traffic shaping rules (e.g. stop those annoying updates of the "other OS" from preventing everyone from using the internet, simple browsing rendered unusable). For that I want to use ntopng bridging and policing https://www.ntop.org/guides/ntopng/advanced_features/bridging_and_policing.html (haven't figured out yet if it's in the pro version or the community version), or simply a setup with fireqos and firehol https://firehol.org/#fireqos (which has some nice visualisation in netdata https://github.com/firehol/netdata/wiki/You-should-install-QoS-on-all-your-servers).

On the espressobin forum, there is a topic about the Topaz Switch asking if there is a low level bridge in the hardware that should be disabled, and the answers there are unclear: http://espressobin.net/forums/topic/are-lan0-and-lan1-bridged-in-hardware/

I am stuck not being able to see the TCP traffic going through any of the network interfaces with jnettop, tcpdump or ntopng (which only sees UDP and ARP traffic). I've looked at the networkd default configuration and the brctl outputs which all look OK so far...

I have tried a few things with ebtables and iptables, but failed, and I am beginning to think that this is hardware related; the above mentioned thread seems to indicate that this is the case. (ebtables resources are a bit scarce as far as I can find.)

I have flashed the uboot to a newer version to be able to use armbian, so I can do settings there if needed.

I would really appreciate not having to turn this transparent switch into a router to reach my goal.

Thanks in advance for any help or pointer on this matter.
