Re: Static ARP table in Linux

From: Christoph Scheurer (chris_at_rebmatt.ch)
Date: 12/13/03

  • Next message: Cedric Blancher: "Re: Static ARP table in Linux"
    To: focus-linux@securityfocus.com
    Date: 13 Dec 2003 20:25:21 +0100
    
    

    Am Fre, 2003-12-12 um 21.41 schrieb Bill Nash:

    > Well, your 'static arp table' *IS* a cache of known addresses, for all
    > intents and purposes. You may have better luck leaving the ARP table alone
    > and using some functional equivalent of BSD's ethfw to permit known MAC
    > addresses (This is also an excellent way of controlling what oozes across
    > your wireless bridges.)

    With iptables, it's with the option " -m mac --mac-source
    XX.XX:XX:XX:XX:XX " in the INPUT,FORWARD and PREROUTING Chains.

    Greets
    Chris

    -- 
    Christoph Scheurer <chris@rebmatt.ch>
    

  • Next message: Cedric Blancher: "Re: Static ARP table in Linux"