Port Mirroring possible?

I see that this question was asked in the CZ section, but not answered.
Does the switch have the possibility to do port mirroring? I think it would be useful for IDS or other security use.

I’ve also seen using iptables to achieve this on OpenWrt and there are a few tutorials for this, but I was hoping to do something like send that out eth2 using hardware rather than software.

Someone created a package for this for ar71xx.

Is this something that’s possible in the future?

An easy way to do that would be with iptables-mod-tee but that package is not in the package feed (yet).
@miska, would it be possible? Pretty please :sweat_smile:

I second this request!

Finally, mirroring to ntopng in an lxc container is working for me with daemonlogger.
I followed this guy: http://blog.ry2l.cz/2017/01/suricata-and-turris-omnia/

edit: port-mirroring package does the job too.

That’s great, if you can get suricata to run for an extended length of time.

Suricata would always run for me for a while, then stop for some reason. I never found out why and it’s not important enough for me to find out why.

This also seems like a very heavy way to do something that should have been included in the first place, given the amount of resources suricata takes up.