> I have a machine using 2 interfaces, eth1 - gigabit, eth0 - 100 mbit.
> Using FedoraCore 6(.90).
> This machine will be running snort on eth1, so what I want is for all
> traffic that the machine needs/initiated from the machine (ping/
> traceroute/connecting to sites etc..) to go through eth0.
> Basically eth1 will *only* used for snort to sniff the network, while
> management etc uses eth0.
> eth1 and eth0 have different ip-adresses on different vlan with
> different gateways.
> Since I am a Solaris admin, I am not that familiar on how to proceed
> in Fedora to accomplish this task.
> So I am asking for any help to solve this matter of routing everything
> through eth0.

Start by turning eth1 off. Don't give it an IP address, and don't turn
it on at boot time. Just before you start snort, bring eth1 up using
ifconfig eth1 up

I'm assuming here that snort will listen on eth1 even if it doesn't have
an IP address. I haven't tried this with snort. I know it works with
ethereal/wireshark, tcpdump and other packet sniffers.