Date: Mon, 02 Mar 1998 18:31:21 +0200 From: Raimonds Treimanis <rt@adm.lv> To: freebsd-security@FreeBSD.ORG Subject: ARP Message-ID: <3.0.5.32.19980302183121.0085b330@mail.adm.lv>
next in thread | raw e-mail | index | archive | help
Hello! Can anybody explain me - is it possible to disable dynamic arp discovery on FreeBSD box. I just want that box to accept connections from certain known boxes on LAN and disable any posibility to fake IP address. So, i'm ifconfing ethernet device with -arp otption, which, as written in man, should disable use of ARP, and reading MAC addresses of some listed hosts with 'arp -f somefile' Unfortunately seems that if host is not listed in ARP tables system lookups its address anyway. Only way to avoid it was to write some nonexistent MAC address for those IP address, and it worked while i was trying to connect FROM that FreeBSD box. But if connection was initiated from that other host FreeBSD with great plesure accepted new MAC address for that host, deleting old value in ARP table without any problems, despite all MANs and DOCs :( With best wishes, Raimonds Treimanis. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19980302183121.0085b330>