Date:      Tue, 29 Feb 2000 15:39:51 +0500 (UZT)
From:      "Sergey V. Kart" <sergey@GLB.NET>
To:        "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Cc:        Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, cjclark@home.com, Lev Serebryakov <lev@imc.macro.ru>, All <freebsd-security@FreeBSD.ORG>
Subject:   Re: ipfw log accounting
Message-ID:  <Pine.BSF.4.05.10002291536340.24153-100000@dima.glb.net>
In-Reply-To: <200002290814.AAA81399@gndrsh.dnsmgr.net>

On Tue, 29 Feb 2000, Rodney W. Grimes wrote:
> > In message <20000228215904.B31743@cc942873-a.ewndsr1.nj.home.com>,
> > "Crist J. Clark" writes:
> > > On Tue, Feb 29, 2000 at 01:46:53AM +0300, Lev Serebryakov wrote:
> > > [snip]
> > > >   And one more question:
> > > >   How could I write a rule which skips all broadcast traffic? My
> > > >   computer is on a big provider's net, and here there is more than
> > > >   one broadcast address (many subnets on one wire)...
> > > 
> > > Never tried this and haven't glanced at the source to see if it has a
> > > chance of working, but _theoretically_ is there a reason that,
> > > 
> > >              deny ip from 0.0.0.255:0.0.0.255 to any
> > > 
> > > A "reversed" netmask won't work?
> > 
> > Been there done that.  This works using either IPFW or IP Filter, 
> > however you'll want to code it as the following, as the destination is 
> > the broadcast address:
> 
> Actually you need to be a bit selective, your host is going to have
> a real hard time doing arp's if you block all broadcast packets.  Make
> sure you have a directly connected network specific ``allow'' of broadcast
> destinations.
Actually ARP works at Layer 2 of OSI ... If you block all broadcast
packets, ARP will be working properly!

 
Signed.
 ====================================================================
   Sergey Kart |  GLB.NET ISP Hub Administrator/Telecom Specialist 
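
An added example, not part of the original thread: a Python check of which addresses the "reversed" mask pattern 0.0.0.255:0.0.0.255 from the quoted rule would match, assuming the usual addr:mask comparison (packet address AND mask equals rule address AND mask). The subnets are constructed documentation ranges; the example goes beyond the /24 case to show what happens with other prefix lengths on the same wire.

```python
import ipaddress


def mask_match(addr, rule_addr="0.0.0.255", rule_mask="0.0.0.255"):
    """addr:mask comparison (assumed semantics): compare only the masked bits."""
    a = int(ipaddress.IPv4Address(addr))
    r = int(ipaddress.IPv4Address(rule_addr))
    m = int(ipaddress.IPv4Address(rule_mask))
    return (a & m) == (r & m)


def audit(subnets):
    """Return (broadcasts the pattern misses, unicast hosts it also matches)."""
    missed, false_hits = [], []
    for cidr in subnets:
        net = ipaddress.ip_network(cidr)
        bcast = str(net.broadcast_address)
        if not mask_match(bcast):
            missed.append(bcast)
        # hosts() excludes the network and broadcast addresses
        for host in net.hosts():
            if mask_match(str(host)):
                false_hits.append(str(host))
    return missed, false_hits


# Constructed sample: three subnets with different prefix lengths.
SUBNETS = ["192.0.2.0/24", "198.51.100.64/26", "10.20.0.0/22"]

if __name__ == "__main__":
    missed, false_hits = audit(SUBNETS)
    print("limited broadcast matched:", mask_match("255.255.255.255"))
    print("broadcast addresses NOT matched:", missed)
    print("ordinary hosts matched anyway:", false_hits)
```

The pattern only tests the last octet, so it is exact for /24 networks and needs per-subnet rules where other prefix lengths are in use.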