Date: Tue, 19 May 1998 15:27:03 -0700 (PDT)
From: Doug White <dwhite@gdi.uoregon.edu>
To: Karl Pielorz <kpielorz@tdx.co.uk>
Cc: questions@FreeBSD.ORG
Subject: Re: ARP's - Overriden even if marked 'permanent'?
Message-ID: <Pine.BSF.3.96.980519152409.11841a-100000@gdi.uoregon.edu>
In-Reply-To: <35614547.1B4DCAC7@tdx.co.uk>

On Tue, 19 May 1998, Karl Pielorz wrote:

> Doug White wrote:
>
> > I don't think so. ARP is sort of arbitrary anyway, if it gets new
> > information it'll overwrite it. It's `permanent' in the sense that it
> > won't expire it from the ARP cache and do ARP queries.
>
> Hmmm, so it's doing my security no good whatsoever - as even if I do mark
> the stuff permanent it will get overwritten...

Exactly my point. Permanent doesn't include overwriting/updating with
more current info, it just keeps the entry from being expired & deleted.

> This kinda looks as if it's true - as if I set the arp's manually on my
> Cisco router - it _doesn't_ overwrite them (i.e. if I change a network card
> in a machine it can't talk to the Cisco)...
>
> Is there any way of using IPFW to block incoming ARP's for addresses I've
> marked permanent (assuming I know the IP addresses in advance)?

Any reason you don't want the arp entry to get eaten? The assumption
being that if someone changes the nic in their machine, your machine will
notice any ARP requests for the MAC and any responses and update itself.

If two people are gobbling one IP then your BSD box will make a syslog
note when an ARP request gets two replies.

Doug White                               | University of Oregon
Internet:  dwhite@resnet.uoregon.edu     | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite     | Computer Science Major

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
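
Since the thread establishes that a `permanent` entry can still be overwritten, one way to notice when that happens is to audit the live ARP table against the addresses pinned in advance. This is an added example, not part of the original message: the `arp -an` line shape is an assumption, and the sample table, addresses and the `PINNED` map are constructed.

```python
import re

# Assumed `arp -an` line shape:
#   ? (192.0.2.1) at 00:a0:c9:11:22:33 on fxp0 permanent [ethernet]
ARP_LINE = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>\S+) on \S+(?P<flags>.*)")

# Constructed sample table and pinned (known in advance) IP -> MAC map.
SAMPLE = """\
? (192.0.2.1) at 00:a0:c9:11:22:33 on fxp0 permanent [ethernet]
? (192.0.2.2) at 00:10:4b:aa:bb:cc on fxp0 expires in 1180 seconds [ethernet]
? (192.0.2.3) at 0:60:8:de:ad:1 on fxp0 permanent [ethernet]
? (192.0.2.4) at (incomplete) on fxp0 expires in 2 seconds [ethernet]
"""
PINNED = {"192.0.2.1": "00:a0:c9:11:22:33", "192.0.2.2": "00:10:4b:aa:bb:cc",
          "192.0.2.3": "00:60:08:de:ad:02", "192.0.2.5": "00:a0:c9:00:00:05"}

def normalize_mac(mac):
    """Canonical form so 0:60:8:de:ad:1 and 00:60:08:de:ad:01 compare equal."""
    parts = mac.lower().split(":")
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9a-f]{1,2}", p) for p in parts):
        return None  # not a MAC, e.g. "(incomplete)"
    return ":".join(p.zfill(2) for p in parts)

def parse_arp_table(text):
    """Map ip -> (mac or None, is_permanent) from `arp -an` style output."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m["ip"]] = (normalize_mac(m["mac"]), "permanent" in m["flags"].split())
    return table

def audit(pinned, arp_output):
    """Return (ip, problem) findings for every pinned address, sorted by ip."""
    table = parse_arp_table(arp_output)
    findings = []
    for ip, want in sorted(pinned.items()):
        want = normalize_mac(want)
        if ip not in table:
            findings.append((ip, "missing from ARP table"))
            continue
        have, permanent = table[ip]
        if have is None or have != want:
            findings.append((ip, f"MAC is {have}, pinned {want}"))
        elif not permanent:
            findings.append((ip, "entry no longer marked permanent"))
    return findings
```

Run periodically against real `arp -an` output, `audit(PINNED, output)` returns an empty list while every pinned address still maps to its expected MAC and is still flagged permanent.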