[Honeywall] modify honeywall for 4 interfaces.

Earl esammons at hush.com
Sat Oct 11 17:33:10 EDT 2008


I certainly don't intend to discourage innovation or new direction 
but the Honeywall is already a very complex beast.  I recommend 
isolating the "routing" decision (BAD_STUFF_ROUTER) upstream from 
the Honeywall and letting the Honeywall remain focused on what it 
does best.

WAN---BAD_STUFF_ROUTER----LAN
             |
             |
         Honeywall---Management
             |
          Honeynet

Just a thought.

Earl


On Sat, 11 Oct 2008 05:58:10 +0000 Thusith Abeykoon 
<thusith at csnsc.lk> wrote:
>Hi all,
>     im implementing a honeynet for my university project. what i 
>want to do
>is ;
>     I have 4 NICs in the honeywall. WAN, Honeynet, Management, 
>LAN.
>     I need to enable snort-inline for WAN and LAN interfaces.
>     If any suspecious traffic found in WAN and LAN, forward them 
>to the
>honeypot.
>
>     I installed the honeywall and tested it for 3 interfaces as 
>in the
>guide. Please help me to implement the LAN interface.
>
> Thank you,
> Thusith.



More information about the Honeywall mailing list