promisc vdsm hook
=================
This hook provides the ability to mirror/redirect other VMs' network traffic to a single VM.

The hook takes a network (bridge) name and a mode, e.g. promisc=blue:mirror,red:redirect, and
sets the currently running VM in promiscuous mode, i.e. mirrors all blue traffic to the current VM.

syntax:
1. promisc=blue:mirror
    # mirror: monitor the network blue (all traffic will go to the VM's interface and to the network)
2. promisc=vnet0:redirect
    # redirect VM traffic to the vnet0 interface (all traffic will go to the VM's interface,
    # and it is the VM's responsibility to redirect the traffic back to the VM)

redirect mode:
**************
In redirect mode we use tc to filter the VM interface.
NOTE:
Currently redirect mode redirects the VM interface, not the bridge as mirror
mode does. If you use the bridge interface in redirect mode you can lose the network
connection to the server!

vnet0 = security vm
vnet1 = the VM whose traffic we want to monitor

add filter:
$ ifconfig blue promisc
$ tc qdisc add dev vnet1 ingress
$ tc filter add dev vnet1 parent ffff: protocol ip u32 match u8 0 0 action mirred egress redirect dev vnet0
$ tc qdisc replace dev vnet1 parent root prio
$ id=`tc qdisc show dev vnet1 | grep prio | awk '{print $3}'`
$ tc filter add dev vnet1 parent $id protocol ip u32 match u8 0 0 action mirred egress redirect dev vnet0

remove filter:
$ tc qdisc del dev vnet1 root
$ tc qdisc del dev vnet1 ingress
$ ifconfig blue -promisc
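
Added example, not part of the hook's own code: a Python pre-flight helper that validates the promisc value, refuses a bridge as the filtered device (the NOTE above), and builds the two redirect filters from "add filter" as argument lists. All function names, the interface-name pattern and the sample tc output are assumptions made for illustration.

```python
import os
import re

MODES = ("mirror", "redirect")
# Assumption: accept only conservative interface names (Linux limit is 15 chars),
# because the name ends up on a tc command line.
IFNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,15}")

# Constructed sample of `tc qdisc show dev vnet1` output once the prio qdisc is set.
SAMPLE_QDISC = (
    "qdisc prio 8001: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1\n"
    "qdisc ingress ffff: parent ffff:fff1 ----------------\n"
)

def parse_promisc(value):
    """Parse 'blue:mirror,red:redirect' into [(name, mode), ...]."""
    pairs = []
    for item in value.split(","):
        name, sep, mode = item.strip().partition(":")
        if not sep or mode not in MODES or not IFNAME_RE.fullmatch(name):
            raise ValueError("bad promisc entry: %r" % item)
        pairs.append((name, mode))
    return pairs

def is_bridge(dev, sysfs="/sys/class/net"):
    """A Linux bridge device exposes a 'bridge' directory under its sysfs node."""
    return os.path.isdir(os.path.join(sysfs, dev, "bridge"))

def prio_handle(qdisc_output):
    """Handle of the prio qdisc; stricter than grep, which also matches 'priomap'."""
    for line in qdisc_output.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[:2] == ["qdisc", "prio"]:
            return fields[2]
    raise LookupError("no prio qdisc found")

def redirect_filter(dev, parent, target):
    """argv for this page's catch-all u32 filter that redirects to target."""
    return ["tc", "filter", "add", "dev", dev, "parent", parent, "protocol", "ip",
            "u32", "match", "u8", "0", "0",
            "action", "mirred", "egress", "redirect", "dev", target]

def plan_redirect(monitored, monitor, qdisc_output, sysfs="/sys/class/net"):
    """Both filters from 'add filter'; refuses a bridge as the filtered device."""
    if is_bridge(monitored, sysfs):
        raise ValueError("%s is a bridge; redirect mode filters a VM interface" % monitored)
    return [redirect_filter(monitored, "ffff:", monitor),
            redirect_filter(monitored, prio_handle(qdisc_output), monitor)]

if __name__ == "__main__":
    print(parse_promisc("blue:mirror,vnet0:redirect"))
    for argv in plan_redirect("vnet1", "vnet0", SAMPLE_QDISC):
        print(" ".join(argv))
```

Passing the argument lists to subprocess without a shell keeps an interface name from being interpreted as shell syntax.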

in-line (redirect) mode with ebtables sample:
********************************************
1. use redirect instead of mirror for in-line mode (i.e. don't copy the packets;
    forward them to ifaceName, which will redirect them)
2. redirect (not mirror) with ebtables:
    the MAC address of the packets must be changed from that of the monitored interface
    to that of the monitoring interface (the IP stays the same, so this way you know
    that the packets are not meant for the monitoring machine).

    set the bridge in promisc mode
    $ ifconfig <network name> promisc
    traffic to the monitoring machine
    $ ebtables -t nat -A PREROUTING -d 00:1a:4a:16:01:51 -i eth0 -j dnat --to-destination 00:1a:4a:16:01:11
    traffic from the monitoring machine
    $ ebtables -t nat -A PREROUTING -s 00:1a:4a:16:01:51 -i vnet0 -j dnat --to-destination 00:1a:4a:16:01:11
