I've installed Security Onion in a VM and am trying to mirror all traffic that goes across br-lan to my Security Onion install. I've found many tutorials on how to do this but they all seem to have been made for older versions of OpenWrt and I can't get any of them to work. I'm running OpenWrt 23.05-rc3 on a Reyee AX3200 E5. Can anyone point me in the right direction on the current way to do port mirroring?
Thanks in advance.
Have you seen this ? [Solved] MT7530 DSA Port-mirroring - Installing and Using OpenWrt / Network and Wireless Configuration - OpenWrt Forum
It might not work in virtual machine. You might need to do the mirroring in the vm host ?
Thanks for pointing me to that post, I had seen it but I missed the list of packages needed. Once I got the needed packages installed I was able to run the script to set up mirroring. It looks like it's working, looking at my traffic graphs lan1 looks to be a mirror of br-lan which is what I wanted. I'll follow up once I have SO working and can confirm this is working end to end. Thanks for your help.
I can confirm the SO is now getting all the packets forwarded to it. Thanks again for all your help.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.