Static ARP table in Linux

From: Gil Disatnik (gil_at_disatnik.com)
Date: 12/11/03

  • Next message: Bill Nash: "Re: Static ARP table in Linux" 
    Date: Thu, 11 Dec 2003 10:25:20 +0200
To: focus-linux@securityfocus.com

    Hello,

    I am trying to have a firewall running with a static arp table for it's
    local network (I know I know... MAC can easily be changed. The users behind
    this firewall are not that advanced, all I want is that people will not be
    able to simply plug in a machine and get net access from it...)
    Back to business - when bringing up an interface with -arp, it's not only
    preventing the machine from adding new MAC entries to it's arp cache, but
    it's also stopping it from advertising it's very own MAC address.

    Is there a way to prevent the arp cache from being filled yet to still be
    able to advertise my own MAC?
    I thought about simply forcing the MAC addresses I know into the cache
    (perm) and to also add those I don't know with a bogus MAC, that's a really
    ugly workaround though.

    Any suggestions?

    Thanks.

    Regards

    Gil Disatnik
    UNIX system administrator.

    GibsonLP@EFnet
    http://gil.disatnik.com

    _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
    apt-get install slackware
    --------------------------------------------------------------------
    "Windows NT has detected mouse movement, you MUST restart
    your computer before the new settings will take effect, [ OK ]"
    --------------------------------------------------------------------
    Windows is a 32 bit patch to a 16 bit GUI based on a 8 bit operating
    system, written for a 4 bit processor by a 2 bit company which can
    not stand 1 bit of competition.
    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

  • Next message: Bill Nash: "Re: Static ARP table in Linux"

    Relevant Pages

    • Re: [SLE] ethereal
      ... ARP is "address resolution protocol". ... ethernet connections are between hardware or MAC addresses, ... address of your ethernet card -- and obviously (I hope it's obvious ... most often consisting only of your gateway. ...
      (SuSE)
    • Re: Pure IP & ARP broadcasts
      ... It actually communicates via the MAC address of the Nics (aka Layer2 ... what the ARP request does. ... A host has a packet to send, it has the IP# and nothing else. ... But if the owner of the IP# is not on that segment then the Router replies ...
      (microsoft.public.windows.server.networking)
    • Re: problem with router---NAT and caching?
      ... It is called the ARP table. ... > sender need not do any ARP requests since the association between MAC ... You can wait for those ARP cache entries to time out. ... It will then issue an ARP request, ...
      (comp.os.vms)
    • Re: [SLE] ethereal
      ... > to directly actually need to know the MAC ... > will respond with an ARP Reply giving your MAC address. ... > most often consisting only of your gateway. ... > minute of the day the gateway knows what ethernet card is using those ...
      (SuSE)
    • Re: get ip from mac
      ... mean that i have the mac address of a machine and i want to known the ip address of that mac id or machine..... ... A typical scenario is first to ping the machine, or attempt to open a socket, to ensure that the ARP cache has an entry for the machine in question. ... I think you'd need to do something like craft an IP packet which had the broadcast address as a destination, then send it to the right MAC address using a raw socket. ...
      (comp.lang.java.programmer)