Date: Wed, 14 Feb 2007 12:02:51 +0200 (EET) From: ea@sellinet.net To: "Jim Long" <isp@museum.rain.com> Cc: ea@sellinet.net, freebsd-isp@freebsd.org Subject: Re: [Strange behavior with arp permanent entries] Message-ID: <59187.82.199.192.218.1171447371.squirrel@82.199.192.218> In-Reply-To: <20070210182015.GA9234@ns.umpquanet.com> References: <2947.82.199.223.6.1171128810.squirrel@82.199.223.6> <20070210182015.GA9234@ns.umpquanet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Sat, Feb 10, 2007 at 07:33:30PM +0200, ea@sellinet.net wrote: >> >> I'm trying to restrict some LAN access by arp permanent entries. But it >> didn't work or it didn't work as I realize it. For example I have the >> following perm entries: >> >> user1: (82.199.215.195) at 00:0f:ea:a4:60:c5 on vlan804 permanent [vlan] >> user2: (82.199.215.196) at 00:13:8f:b1:68:4b on vlan804 permanent [vlan] >> >> And from what I realize if the user1 attempts to use user2's IP address. >> The Router should block all packets which coming from wrong physical >> address. But actually that didn't happen and user1 can use user2's IP >> address without any problems. > > Have you tried using 'staticarp' in this interface's ifconfig(8) > settings? If you turn on staticarp, you'll probably need to specify > arp entries for ALL hosts on that interface -- or at least, all the > ones you care about. > Yea, I tried but the situation is the same as it was without staticarp..Any other ideas? Regards, E.A. > HTH, > > Jim > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > -------------------------------------------------------------- SELLINET Internet Services Provider - http://www.sellinet.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59187.82.199.192.218.1171447371.squirrel>