Bridge Howto

Herman Oosthuysen, GPL, 2011


Scope

This guide briefly explains how to create an Ethernet bridge, so that a machine with two ports can be used as an Ethernet protocol analyzer with tcpdump or Wireshark.


Install

Install the 'ethernet bridge utilities' if you don't have them already. These provide the programs 'brcfg' and 'brctl'. Also install 'tcpdump' and 'wireshark', and maybe 'telnet' for debugging.


Bridge script

Here is a script. Put it in '/usr/local/bin' under the name 'bridge' and make it executable with 'chmod 754 bridge'.

#! /bin/bash
echo Set up a bridge for a TCPDump or Wireshark protocol analyzer

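# Ensure that there are no firewall rules!
# Note: -F only flushes the rules in the filter table; chain policies
# (for example a FORWARD policy of DROP) are left as they were.
iptables -F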

# Configure the bridge
ifconfig eth0 promisc up
ifconfig eth1 promisc up
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0

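# Set the address of the bridge and add a default route for remote management.
# These are example values: the gateway must be on the same subnet as br0,
# otherwise 'route add' fails because the gateway is unreachable.
# 192.168.111.1 is an assumed example gateway; use your own.
ifconfig br0 192.168.111.200 netmask 255.255.255.0 up
route add default gw 192.168.111.1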

Now you can put this machine between two other machines and run tcpdump to see what is going on on the wire.
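
Before capturing, it is worth confirming that both ports really joined the bridge, since a port that failed to attach leaves the two machines disconnected. The check below is an added example, not part of the original script: it parses the output of 'brctl show', and the function names and the sample text (constructed, with spaces where real output uses tabs) are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: verify bridge membership from `brctl show` output.
# SAMPLE_BRCTL_SHOW is constructed sample text, not output from a real host.
SAMPLE_BRCTL_SHOW='bridge name     bridge id               STP enabled     interfaces
br0             8000.0011223344aa       no              eth0
                                                        eth1
virbr0          8000.525400aabbcc       yes             virbr0-nic'

# bridge_ports BRIDGE: read `brctl show` text on stdin, print one port per line.
bridge_ports() {
    awk -v br="$1" '
        NR == 1 { next }                          # skip the header row
        {
            c = substr($0, 1, 1)
            if (c != " " && c != "\t") {          # a bridge row starts in column 1
                current = $1
                if (current == br && NF >= 4) print $4
            } else if (current == br && NF == 1) {
                print $1                          # continuation row: port name only
            }
        }'
}

# check_bridge BRIDGE PORT...: read `brctl show` text on stdin.
# Returns 0 if every PORT is attached, 1 if one is missing, 2 if the
# bridge does not exist or has no ports at all.
check_bridge() {
    local br="$1" ports missing=0 p
    shift
    ports="$(bridge_ports "$br")"
    if [ -z "$ports" ]; then
        echo "bridge $br not found or has no ports" >&2
        return 2
    fi
    for p in "$@"; do
        if ! printf '%s\n' "$ports" | grep -qx -- "$p"; then
            echo "port $p is not attached to $br" >&2
            missing=1
        fi
    done
    return "$missing"
}

# On the bridge machine itself: brctl show | check_bridge br0 eth0 eth1
printf '%s\n' "$SAMPLE_BRCTL_SHOW" | check_bridge br0 eth0 eth1 && echo "br0 OK"
```
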