Forwarding Traffic To Another Device
I have a Firewalla Blue (FB) and am happy with it, and it is working as expected. I'm wanting to test some open source SIEM solutions and was wondering if I could use the FB to forward traffic it receives to an IP destination for analysis? Since it's already ingesting traffic via its ARP spoofing capabilities, this might be an option? The only other option that I can think of is to purchase another switch or firewall which supports TAP or SPAN ports? Any help would be greatly appreciated.
-
This may require some Linux magic. What you need is to use iptables and then the TEE option to copy packets.
TEE
The TEE target will clone a packet and redirect this clone to another machine on the local network segment. In other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if so desired.
I have not used this myself.
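The TEE approach described in the reply above, written out as an added example that is not part of the original thread. It assumes the device's iptables build includes the TEE target and that the sensor sits on the same local segment; `eth0`, `192.168.1.50` and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread): build an iptables TEE rule that
# copies traffic arriving on one interface to a SIEM sensor.

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() (
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.; set -- $1            # split on dots; runs in a subshell, IFS is not leaked
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Print one mangle/PREROUTING rule. ACTION is -A (add), -D (delete) or -C (check).
# "! -s" keeps the sensor's own packets from being copied back to it.
mirror_rule() {
    action=$1 iface=$2 collector=$3
    case "$action" in
        -A|-D|-C) ;;
        *) echo "action must be -A, -D or -C" >&2; return 2 ;;
    esac
    case "$iface" in
        ""|-*|*[!A-Za-z0-9._-]*) echo "bad interface name: $iface" >&2; return 2 ;;
    esac
    valid_ipv4 "$collector" || { echo "bad collector address: $collector" >&2; return 2; }
    echo "iptables -t mangle $action PREROUTING -i $iface ! -s $collector -j TEE --gateway $collector"
}

# Dry run by default: print the rule. With APPLY=1 (as root) run it instead.
mirror_apply() {
    rule=$(mirror_rule "$@") || return
    if [ "${APPLY:-0}" != 1 ]; then
        printf '%s\n' "$rule"
        return 0
    fi
    # An identical second rule would send every packet to the sensor twice.
    if [ "$1" = -A ] && $(mirror_rule -C "$2" "$3") 2>/dev/null; then
        return 0
    fi
    $rule
}

# Usage: sh mirror.sh -A eth0 192.168.1.50   (constructed interface and address)
if [ "$#" -eq 3 ]; then mirror_apply "$@"; fi
```

On a single-interface device that sits in the path via ARP spoofing, both directions of a flow arrive on that one interface, so a single PREROUTING rule covers them. Remove the mirror with the same arguments and `-D`.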