static ARP

Alexei Evdokimov alexei at
Thu Sep 25 23:14:56 PDT 2003

On Wed, 24 Sep 2003 vezku at wrote:

> I was thinking about the following scenario. I have one interface in my
> BSD router that serves a private network.
> Is it possible to disable ARP on that interface and make static ARP
> entries on router? I'm looking for a way to allow only certain MAC
> addresses to access via this interface. I do know it's only false
> security, but it would prevent people adding easily unauthorized
> computers. And since there are only about 10 comps in this particular
> network, maintaining static ARP entries would not be worksome.
> I would not like to get into bridging if this works.

Parameter -arp will disable ARP on the interface:

    ifconfig ... -arp

To set static ARP table write authorized pairs ip:mac in a file
and load it it in the table:

    arp -f file

Alexei Evdokimov
alexei at

More information about the freebsd-isp mailing list