I’m try to locate where some specific traffic is coming from on a non Mikrotik network. The NetAdmin setup a mirrored port for me. I followed the suggestion on another post and configured a 750GL as follows:
- Connect port 1 to the mirroredport
- Use port 2 for administration purposes
- Set master port to none on ports 4 and 5
- Connect port 4 to the port 5 with cable
- Create bridge, add ports 1 and 4 to the bridge
- Enable IP firewall bridge option and set Protocol Mode to none
- Configure port 1 bridge options: Edge:no, Point-To-Point: no, External FDB: yes
- Configure port 4 bridge options: Edge:no, Point-To-Point: no, External FDB: yes
I can then Torch Ether1 and I see exactly what I want to see the traffic I want to see. However, what need to do is setup a filter to look for new connections to a specific IP address and log those connections with the Source IP/Mac. I’ve tried the Bridge Filter and it will only let me filter an IP if the MAC Port is set to 800 and I get nothing. I’ve set tried to use IP firewall filter rules and don’t see any traffic there either. Any suggestions?
Thanks.