Cannot get Snort listen on a second network interface (creating a gateway)

[Henry Collins <hcol1987 () gmail com>]

I have a small subnet that consists of several computers. I want these
computers to configure in such a way that they would use my gateway to
access each other and the external internet.

There is already a gateway working in the subnet, but it doesn't have Snort
installed. It's ip is 10.165.17.1

I am working on creating another gateway that would use the upper gateway
to serve computers in the subnet, but this gateway would receive packets
from computers in the subnet. In this way, I want to instruct Snort to
listen on for example eth1, which would be used for computers in the subnet
and eth0 for communication with the subnet's gateway (10.165.17.1). How is
it done?

Here is a short overview of my network:

Gateways:
10.165.17.1 (has access to external internet and computers in the subnet)
10.165.17.70 (is used by computers in the subnet as gateway and uses
10.165.17.1 as its gateway)

Computers:
10.165.17.60 (gateway: 10.165.17.70)
10.165.17.61 (gateway: 10.165.17.70)
and so on...

This is my /etc/network/interfaces so far. However, eth1 doesn't get an IP.
How do I fix this? I want to make Snort listen on eth1:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.165.17.66
gateway 10.165.17.1
dns-nameservers 10.165.0.10 10.165.0.11
netmask 255.255.255.0
broadcast 10.165.17.255

# The secondary network interface
auto eth1
iface eth1 inet static
address 10.165.17.70
gateway 10.165.17.1
dns-nameservers 10.165.0.10 10.165.0.11
netmask 255.255.255.0
broadcast 10.165.17.255

This is output from ifconfig:

eth0      Link encap:Ethernet  HWaddr 00:0c:29:83:e8:ff
          inet addr:10.165.17.66  Bcast:10.165.17.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe83:e8ff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:21 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16987 (16.9 KB)  TX bytes:928 (928.0 B)

eth1      Link encap:Ethernet  HWaddr 00:0c:29:83:e8:09
          inet6 addr: fe80::20c:29ff:fe83:e809/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:92 errors:0 dropped:11 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9675 (9.6 KB)  TX bytes:648 (648.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!