Setting ESETS for scanning of HTTP communication - transparent mode

HTTP scanning is performed using the esets_http daemon. In the [http] section of the ESETS configuration file, set the following parameters:

agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080

In the example above, ‘listen_addr’ is the address of the local network interface named ‘if0’. Restart the ESETS daemon. The next step is to redirect all HTTP requests to esets_http. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be:

ipchains -A INPUT -p tcp -i if0 --dport 80 -j REDIRECT 8080

If IP-filtering is being performed by the iptables administration tool, the rule is:

iptables -t nat -A PREROUTING -p tcp -i if0 --dport 80 -j REDIRECT --to-ports 8080

On FreeBSD, the rule is:

ipfw add fwd 192.168.1.10,8080 tcp from any to any 80 via if0 in