Date: Fri, 26 Sep 2003 10:14:52 +0400 (MSD) From: Alexei Evdokimov <alexei@pptus.ru> To: freebsd-isp@freebsd.org Subject: Re: static ARP Message-ID: <20030926095646.E96986@avalon.pptus.ru> In-Reply-To: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi> References: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 Sep 2003 vezku@surfeu.fi wrote:
> I was thinking about the following scenario. I have one interface in my
> BSD router that serves a private network.
>
> Is it possible to disable ARP on that interface and make static ARP
> entries on router? I'm looking for a way to allow only certain MAC
> addresses to access via this interface. I do know it's only false
> security, but it would prevent people adding easily unauthorized
> computers. And since there are only about 10 comps in this particular
> network, maintaining static ARP entries would not be worksome.
>
> I would not like to get into bridging if this works.
Parameter -arp will disable ARP on the interface:
ifconfig ... -arp
To set static ARP table write authorized pairs ip:mac in a file
and load it it in the table:
arp -f file
--
Alexei Evdokimov
alexei@pptus.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030926095646.E96986>