From owner-freebsd-questions Wed Jul 19 17:35:55 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mostgraveconcern.com (mostgraveconcern.com [216.82.145.240]) by hub.freebsd.org (Postfix) with ESMTP id D2F1E37B588 for ; Wed, 19 Jul 2000 17:35:50 -0700 (PDT) (envelope-from dan@mostgraveconcern.com) Received: from danco (danco.mostgraveconcern.com [10.0.0.2]) by mostgraveconcern.com (8.9.3/8.9.3) with SMTP id RAA32380 for ; Wed, 19 Jul 2000 17:35:50 -0700 (PDT) (envelope-from dan@mostgraveconcern.com) Message-ID: <003e01bff1e2$73f80440$0200000a@danco> Reply-To: "Dan O'Connor" From: "Dan O'Connor" To: "freebsd-questions" Subject: ARP & RFC 1918 addresses on outside interface Date: Wed, 19 Jul 2000 17:35:47 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Greetings all, I have a DSL connection and am using the 10.x.x.x address space for my internal LAN. Lately I have been seeing a lot of: /kernel: arp: 10.0.0.2 is on ep0 but got reply from 00:50:04:87:ab:1e on dc0 in my logs. I do *not* have two network cards connected to the same hub; this is definitely a response from someone else's network leaking out to their DSL connection. I contacted my ISP and they told me there's nothing they can do since the leak occurs at the ATM side of their DSL router and thus can't be filtered out, although such packets don't go beyond the router. I'm using ipfw and natd on my gateway. Are there any rules I can use to block these ARP replies? Any other ideas? Can I block ARP from querying on the DSL interface? Thanks for any help, --Dan -- Dan O'Connor On Matters of Most Grave Concern http://www.mostgraveconcern.com FreeBSD Cheat Sheets http://www.mostgraveconcern.com/freebsd/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message