From owner-freebsd-questions Wed Jan 3 23:28:50 2001 From owner-freebsd-questions@FreeBSD.ORG Wed Jan 3 23:28:47 2001 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from travelunie.nl (unknown [194.151.81.2]) by hub.freebsd.org (Postfix) with ESMTP id BAE5B37B402 for ; Wed, 3 Jan 2001 23:28:46 -0800 (PST) Received: from interscan2.travelunie.nl ([150.0.0.100]) by ds1.travelunie.nl with SMTP id <119047>; Thu, 4 Jan 2001 08:28:35 +0100 Received: from 150.0.0.50 by interscan2.travelunie.nl (InterScan E-Mail VirusWall NT); Thu, 04 Jan 2001 08:32:55 +0100 (Romance Standard Time) Received: from C01076 ([150.0.71.4]) by mailens.travelunie.nl (Netscape Messaging Server 4.15) with SMTP id G6MNFI00.46B; Thu, 4 Jan 2001 08:28:30 +0100 Message-ID: <000d01c07620$56d36720$04470096@C01076> From: "Weert de G.H. Gert" To: Cc: References: <003301c0755c$1d3f42a0$04470096@C01076> <20010103013334.C95729@rfx-64-6-211-149.users.reflexco> <005001c0756c$9377e5c0$04470096@C01076> <20010103134745.A12102@rfx-64-6-211-149.users.reflexco> Subject: Re: Arp messages, probably nothing to worry about... Date: Thu, 4 Jan 2001 08:31:23 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ----- Original Message ----- From: "Crist J. Clark" To: "Weert de G.H. Gert" Cc: Sent: Wednesday, January 03, 2001 10:47 PM Subject: Re: Arp messages, probably nothing to worry about... > On Wed, Jan 03, 2001 at 11:04:35AM +0100, Weert de G.H. Gert wrote: > > > > ----- Original Message ----- > > From: "Crist J. Clark" > > To: "Weert de G.H. Gert" > > Cc: > > Sent: Wednesday, January 03, 2001 10:33 AM > > Subject: Re: Arp messages, probably nothing to worry about... > > > > > > > On Wed, Jan 03, 2001 at 09:06:45AM +0100, Weert de G.H. Gert wrote: > > [snip] > > > > > Dec 28 13:31:12 obelix /kernel: arp: 192.168.1.3 is on ep0 but got > > > > reply from 00 > > > > :10:5a:dc:21:cb on ep1 > > > > > > Since the MAC address is different from the one off of ep0 and also > > > different from the next one, my best guess is some other luzer on > > > your LAN has plugged his "private" network into a hub along with the > > > connection to his cable modem. His "private" network is part of the > > > public LAN. > > > > Ok. But I have a couple of firewallrules to block this. At least I > > thought it is. > > > > # Stop RFC1918 nets on the outside interface > > /sbin/ipfw add 200 deny all from 192.168.0.0/16 to any in via ep1 > > /sbin/ipfw add 210 deny all from 172.16.0.0/12 to any in via ep1 > > /sbin/ipfw add 220 deny all from 10.0.0.0/8 to any in via ep1 > > # > > These will have no impact on your ARP messages. ipfw works, as the > name suggests, at the IP layer. ARP is a link layer protocol. It is > processed in the kernel before it gets to the firewall. This is not a > bug. Ok, arp messages are processed before they hit the firewall. These rules do not have any impact on arp messages. > [snip] > > > > > ; ------------------------------ > > > > [root@obelix] /var/log # arp -a > > > > obelix.wnw.org (192.168.1.1) at 0:50:4:1a:ab:a0 permanent > > [ethernet] > > > > asterix.wnw.org (192.168.1.2) at (incomplete) [ethernet] > > > > idefix.wnw.org (192.168.1.3) at 0:60:8c:df:c5:2 [ethernet] > > > > ? (192.168.1.255) at ff:ff:ff:ff:ff:ff permanent [ethernet] > > > > ? (213.51.104.1) at 0:50:f:a9:a0:1c [ethernet] > > > > > > And this MAC is different from the two above. Looks like your cable > > > modem is acting like a real bridge. What kind is it? > > > > It's a (standard) com21 cable modem. > > Which one from: > > http://www.com21.com/products/cable_modems/index.htm I think I'm using a 'comport2000'. > If you don't mind my curiosity. > -- > Crist J. Clark cjclark@alum.mit.edu Cheers, Gert de Weert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message