Mikrotik 751G-2HnD has the Atheros8327 chipset. The manual states under "Hardware Support" that it has "Switch chip configuration support" and the SwOS manual states this:

"Port Mirroring
Port mirroring lets switch 'sniff' all traffic that is going in and out of one port (mirror-source) and send a copy of those packets out of some other port (mirror-target). This feature can be used to easily set up a 'tap' device that receives all traffic that goes in/out of some specific port. Note that mirror-source and mirror-target ports have to belong to same switch. (See which port belong to which switch in /interface ethernet switch port menu). Also mirror-target can have a special 'cpu' value, which means that 'sniffed' packets should be sent out of switch chips cpu port. Port mirroring happens independently of switching groups that have or have not been set up."

I know the 751G-2HnD is a router but I am guessing the switch functionality is still present and supported in the router OS the same as it is in the switch OS.

So my main question is; can someone verify if the Mikrotik 751G-2HnD can be configured to "span" or "port mirror" multiple ports onto one? I.e.: mirror ports 1-4 onto port 5 for pcap captures/analysis.

I am mainly concerned with wired traffic but I would also like to know if WIFI traffic would also get mirrored in this process or is that traffic handled separately by the router? I guess it would have to allow for mirroring via wlan1 to ether5...

Ok, I'm tired and rambling... To the point, I would like to know if I can configure the device to capture in the following configurations (each setting would be a separate configuration, not all at once):
ether1 on ether5?
wlan0 or wlan1 (whatever the wifi interface designation is...) on ether5?
ether1 + wlan1 on ether5?
ether1 + ether3 on ether5?
ether1:ether4 on ether5?
ether1:ether4 + wlan1 on ether5?
ether1 + ether3 + wlan1 on ether5?
vlan1 on ether5?
vlan1 + vlan3 on ether5?
vlan1:vlan4 on ether5?
vlan1 + ether3 on ether5?
vlan1 + wlan1 on ether5?




Thank you,
James

It looks like you can mirror any physical ethernet port to another physical ethernet port. However, the MikroTiks have a built in packet capture client. It can capture all traffic coming into or going out of a port and allow you to view it with the built in packet capture client, or save it to a file and you can play with it on another box. If you need to do a long or a large packet capture, this probably won't be what you are looking for because of the limited size of the SD card.