Turning a Linux machine into an Ethernet tap.

Sometimes you need to sniff traffic between two devices, but don't have a handy Ethenet tab / NetOptics box with you.

You can simply confugure a machine with 2 NICs (or USB-> Ethernet dongles) to act as a bridge, and then tcpdump the bridge interface:

set up a transparent bridge:
brctl addbr br0;
brctl addif br0 eth1;
brctl addif br0 eth2;
ifconfig br0 up;
tcpdump -n -i br0;