Date: Fri, 12 Aug 2005 10:52:51 +0200 From: Jeremie Le Hen <jeremie@le-hen.org> To: Claudio Jeker <cjeker@diehard.n-r-g.com>, freebsd-net@freebsd.org, Steve Langdon <steve.langdon@mail.ru> Subject: Re: Stranges with ARP Message-ID: <20050812085251.GB45385@obiwan.tataz.chchile.org> In-Reply-To: <20050810141938.GF31018@diehard.n-r-g.com> References: <E1E2qIp-000NEB-00.steve-langdon-mail-ru@f24.mail.ru> <20050810141938.GF31018@diehard.n-r-g.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Claudio, Steve, > > While user is blocked by _our_ generated MAC! Btw, could anyone advice > > me how to block user IP block without touching ipfw (I think to use > > route + ``-blackhole' to that user that have no his MAC in my ARP > > table), any ideas? I'm just wondering why you don't want to use ipfw ? If it is for performance reasons, you have to know that ipfw is really fast and is intended to be run on routers. Have a look at this post [1]. > Come on have a look at the MAC address. d1:fa:28:ec:87:98. Ja ja ja d1. > Remember the multicast bit of 802.11? No, its the LSB of the first octet. > So your outgoing pings are actually multicasts. Good catch ! :-) [1] http://lists.freebsd.org/pipermail/freebsd-ipfw/2005-July/001934.html Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050812085251.GB45385>