From owner-freebsd-security  Mon May 22 11:15:23 2000
Delivered-To: freebsd-security@freebsd.org
Received: from arf.bussert.COM (arf.bussert.com [209.183.67.130])
	by hub.freebsd.org (Postfix) with ESMTP id 2D0AB37BC77
	for <freebsd-security@freebsd.org>; Mon, 22 May 2000 11:15:19 -0700 (PDT)
	(envelope-from matheny@bussert.com)
Received: from localhost (matheny@localhost)
	by arf.bussert.COM (8.9.3/8.9.3) with ESMTP id NAA08688;
	Mon, 22 May 2000 13:44:46 -0500 (EST)
	(envelope-from matheny@bussert.com)
Date: Mon, 22 May 2000 13:44:46 -0500 (EST)
From: Blake Matheny <matheny@bussert.com>
To: Andre Gironda <andre@sun4c.net>
Cc: freebsd-security@freebsd.org
Subject: Re: Firewall Rules
In-Reply-To: <20000522110814.A5867@toaster.sun4c.net>
Message-ID: <Pine.BSF.4.10.10005221343190.8672-100000@arf.bussert.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I'm thinking of writing something that utilizes something like arpwatch to
keep an eye on mac/ip address mappings. Then if a mac address changes ip
it get's added to a list which is filtered by ipfw. Does anyone know of
something like this or have any other suggestions?

Blake Matheny
Bussert Consulting
Network Engineer
(765)423-2100
matheny@bussert.com




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message