Port mirror only shows broadcast on vm

D

DaYroXy

New Member
Jul 31, 2023
9
0
1
Hey guys im trying to setup port mirror on my kali to sniff traffic, if i passthru the pci of the nic raw i can see all traffic but if i use linux bridge and give it vmbr150 i only see broadcasts some arp and icmp but none is from the mirrored traffic how can i fix this so i dont have to passthru the pci device?

1718869485947.png
1718869469807.png

Code: 
auto lo
iface lo inet loopback

auto enp13s0
iface enp13s0 inet manual
#Main One

auto enp3s0
iface enp3s0 inet manual
#First

auto enp4s0
iface enp4s0 inet manual

auto enp5s0
iface enp5s0 inet manual

auto enp6s0
iface enp6s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 10.0.0.15/24
        gateway 10.0.0.1
        bridge-ports enp13s0
        bridge-stp off
        bridge-fd 0

auto vmbr150
iface vmbr150 inet manual
        bridge-ports enp3s0
        bridge-stp off
        bridge-fd 0
        pre-up ip link set enp4s0 promisc on

source /etc/network/interfaces.d/*

This is the traffic im getting which is nothing, my ap, servers do go threw the mirrored port so i should see everything

1718869558979.png
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back