[Strange behavior with arp permanent entries]
Vladimir Kapustin
msgs_for_me at mail.ru
Thu Mar 1 15:37:25 UTC 2007
>> On Sat, Feb 10, 2007 at 07:33:30PM +0200, ea at sellinet.net wrote:
>>>
>>> I'm trying to restrict some LAN access by arp permanent entries. But it
>>> didn't work or it didn't work as I realize it. For example I have the
>>> following perm entries:
>>>
>>> user1: (82.199.215.195) at 00:0f:ea:a4:60:c5 on vlan804 permanent [vlan]
>>> user2: (82.199.215.196) at 00:13:8f:b1:68:4b on vlan804 permanent [vlan]
>>>
>>> And from what I realize if the user1 attempts to use user2's IP address.
>>> The Router should block all packets which coming from wrong physical
>>> address. But actually that didn't happen and user1 can use user2's IP
>>> address without any problems.
>>
>> Have you tried using 'staticarp' in this interface's ifconfig(8)
>> settings? If you turn on staticarp, you'll probably need to specify
>> arp entries for ALL hosts on that interface -- or at least, all the
>> ones you care about.
>>
>
>
>Yea, I tried but the situation is the same as it was without
>staticarp..Any other ideas?
May I ask you a question?
Have you already read this?
http://lists.freebsd.org/pipermail/freebsd-net/2007-February/013239.html
More information about the freebsd-isp
mailing list