Date: Thu, 1 Mar 2007 18:35:19 +0300 From: Vladimir Kapustin <msgs_for_me@mail.ru> To: freebsd-isp@freebsd.org Subject: [Strange behavior with arp permanent entries] Message-ID: <1422719080.20070301183519@mail.ru> References: 20070210182015.GA9234@ns.umpquanet.com
next in thread | raw e-mail | index | archive | help
>> On Sat, Feb 10, 2007 at 07:33:30PM +0200, ea at sellinet.net wrote: >>> >>> I'm trying to restrict some LAN access by arp permanent entries. But it >>> didn't work or it didn't work as I realize it. For example I have the >>> following perm entries: >>> >>> user1: (82.199.215.195) at 00:0f:ea:a4:60:c5 on vlan804 permanent [vlan] >>> user2: (82.199.215.196) at 00:13:8f:b1:68:4b on vlan804 permanent [vlan] >>> >>> And from what I realize if the user1 attempts to use user2's IP address. >>> The Router should block all packets which coming from wrong physical >>> address. But actually that didn't happen and user1 can use user2's IP >>> address without any problems. >> >> Have you tried using 'staticarp' in this interface's ifconfig(8) >> settings? If you turn on staticarp, you'll probably need to specify >> arp entries for ALL hosts on that interface -- or at least, all the >> ones you care about. >> > > >Yea, I tried but the situation is the same as it was without >staticarp..Any other ideas? May I ask you a question? Have you already read this? http://lists.freebsd.org/pipermail/freebsd-net/2007-February/013239.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1422719080.20070301183519>