Stranges with ARP
Jeremie Le Hen
jeremie at le-hen.org
Fri Aug 12 08:52:43 GMT 2005
Hi Claudio, Steve,
> > While user is blocked by _our_ generated MAC! Btw, could anyone advice
> > me how to block user IP block without touching ipfw (I think to use
> > route + ``-blackhole' to that user that have no his MAC in my ARP
> > table), any ideas?
I'm just wondering why you don't want to use ipfw ? If it is for
performance reasons, you have to know that ipfw is really fast and
is intended to be run on routers. Have a look at this post [1].
> Come on have a look at the MAC address. d1:fa:28:ec:87:98. Ja ja ja d1.
> Remember the multicast bit of 802.11? No, its the LSB of the first octet.
> So your outgoing pings are actually multicasts.
Good catch ! :-)
[1] http://lists.freebsd.org/pipermail/freebsd-ipfw/2005-July/001934.html
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-net
mailing list