static ARP
Alexei Evdokimov
alexei at pptus.ru
Thu Sep 25 23:14:56 PDT 2003
On Wed, 24 Sep 2003 vezku at surfeu.fi wrote:
> I was thinking about the following scenario. I have one interface in my
> BSD router that serves a private network.
>
> Is it possible to disable ARP on that interface and make static ARP
> entries on router? I'm looking for a way to allow only certain MAC
> addresses to access via this interface. I do know it's only false
> security, but it would prevent people adding easily unauthorized
> computers. And since there are only about 10 comps in this particular
> network, maintaining static ARP entries would not be worksome.
>
> I would not like to get into bridging if this works.
Parameter -arp will disable ARP on the interface:
ifconfig ... -arp
To set static ARP table write authorized pairs ip:mac in a file
and load it it in the table:
arp -f file
--
Alexei Evdokimov
alexei at pptus.ru
More information about the freebsd-isp
mailing list