sis0 = administrative interface
dc0  = external device non-verified
dc1  = internal device non-verified
dc2  = external device verified
dc3  = internal device verified
See the illustration below for an idea of how this system will be connected and 
deployed. Please note that the cable connecting the NIC labeled dc1 to the router's 
interface with an IP address of 192.168.0.3 is a crossover cable. The rest of the 
cables shown in the image are regular straight-through cables. As you can see, the router 
separates two networks. The first network is a Class C identified by 192.168.0.0/24, 
and the second network is yet another Class C, 192.168.1.0/24. The rest of the 
document follows the convention that 192.168.0.0/24 is the external or non-trusted 
network and 192.168.1.0/24 is the trusted network. 
Make sure to substitute for your needs where appropriate.
Nicholas Pappas 38
© 2021 SANS Institute, Author Retains Full Rights
© SANS Institute 2008, Author retains full rights.
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
Network IDS & IPS Deployment Strategies
Figure 9: Prototype diagram.
Now that we know how to refer to the NICs, we need to create a file for each. To do 
this, run the following commands, substituting the proper identifiers for your 
NICs. First make sure these files don't already exist (for our purposes they must 
contain only the word "up"):
rm /etc/hostname.dc0
rm /etc/hostname.dc1
rm /etc/hostname.dc2
rm /etc/hostname.dc3
Next, create the files to tell OpenBSD that we want these interfaces up with no IP address.
echo up > /etc/hostname.dc0
echo up > /etc/hostname.dc1
echo up > /etc/hostname.dc2
echo up > /etc/hostname.dc3
Now create two bridges. The first bridge is intended to actually filter traffic deemed 
malicious or otherwise unwanted, and the second is to verify the filter.
echo "add dc0" >> /etc/bridgename.bridge0
echo "add dc1" >> /etc/bridgename.bridge0
echo "up" >> /etc/bridgename.bridge0
echo "add dc2" >> /etc/bridgename.bridge1
echo "add dc3" >> /etc/bridgename.bridge1
echo "up" >> /etc/bridgename.bridge1
We should now see the following output from these commands:
cat /etc/bridgename.bridge0
add dc0
add dc1
up
cat /etc/bridgename.bridge1
add dc2
add dc3
up
Reboot the system by typing the following command:
reboot
Once the reboot completes, packets should be traveling over both bridges.
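As an added example (not from the paper), the following POSIX shell script reproduces the hostname.if and bridgename.if layout just described into a staging directory and then sanity-checks it: every bridge member must have a hostname file holding only "up", and no NIC may belong to two bridges (a shared member would join both segments). The ROOT staging directory, the function names and the checks are assumptions of this example; write to the live system only after reviewing the output.

```shell
#!/bin/sh
# Added example (not from the paper): generate and sanity-check the OpenBSD
# hostname.if(5) and bridgename.if(5) files described above. ROOT is a
# staging directory (an assumption of this example; "" would mean the live /etc).

# write_nic_files ROOT NIC...: one hostname.<nic> per NIC containing only "up".
# Overwriting with > (instead of rm followed by >>) avoids stale IP lines.
write_nic_files() {
    root=$1; shift
    mkdir -p "$root/etc"
    for nic in "$@"; do
        printf 'up\n' > "$root/etc/hostname.$nic"
    done
}

# write_bridge ROOT BRIDGE NIC NIC: two "add" lines then "up", as in the paper.
write_bridge() {
    root=$1; bridge=$2; a=$3; b=$4
    printf 'add %s\nadd %s\nup\n' "$a" "$b" > "$root/etc/bridgename.$bridge"
}

# check_config ROOT: returns 0 when every bridge member has a hostname file
# holding exactly "up" and no NIC appears in more than one bridge. Prints offenders.
check_config() {
    root=$1; rc=0; seen=""
    for f in "$root"/etc/bridgename.*; do
        [ -e "$f" ] || continue
        for nic in $(sed -n 's/^add //p' "$f"); do
            if [ "$(cat "$root/etc/hostname.$nic" 2>/dev/null)" != "up" ]; then
                echo "$nic: hostname.$nic missing or not just 'up'"; rc=1
            fi
            case " $seen " in *" $nic "*) echo "$nic: member of two bridges"; rc=1;; esac
            seen="$seen $nic"
        done
    done
    return $rc
}

# build_prototype ROOT: bridge0 = dc0+dc1 (filtering), bridge1 = dc2+dc3 (verification).
build_prototype() {
    root=$1
    write_nic_files "$root" dc0 dc1 dc2 dc3
    write_bridge "$root" bridge0 dc0 dc1
    write_bridge "$root" bridge1 dc2 dc3
    check_config "$root"
}
```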
Install these packages for convenience:
cd /usr/ports/net/wget
make install