Short reply--gotta run, Don't forget that the "ip arp" utility works in conjunction with the other ARP management features of the kernel, so you do not want to use arp_filter while using "ip arp" (in this case). Snipped from iparp.txt: The ARP filtering rules are considered only when the ARP code is ready to reply to remote ARP request or to send ARP request. As result, the default action for tables "input" and "forward" depends on other things such as device flags (rp_filter, arp_filter, medium_id, proxy_arp) and the routing rules. If the default action is to ignore the remote ARP request the ARP rules are not analyzed. For table output the default action is always allow. Good luck, -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
