Julian , Martin I´ve succesfully tested the ebtables experiment doing dnat and writing specific mac instead of all FF´s to the arp querys it works fine if some one want see the small cap file is available at http://megaserv.homeip.net/arp.cap regards and thanks again for your help --- Julian Anastasov <ja@xxxxxx> wrote: > > Hello, > > On Fri, 4 Apr 2003, Martin A. Brown wrote: > > > : I´m working in a briding enviroment and i want > to be sure that my arp > > : requests outgoing a bridge interface will be > hear by only one specific > > : device (because of security reason) > > Victor, what about trying something similar to the > example > in the ebtables docs: > > ebtables -t nat -A PREROUTING -d ff:ff:ff:ff:ff:ff > -i eth0 -j dnat --to-destination 54:44:33:22:11:00 > > > : are there any way to re-write the > ff:ff:ff:ff:ff:ff on this arp request > > : so they appears like a unicast? > > > > I imagine that Julian will jump in here and reply > to you, but I thought > > I'd point you to ip arp, an add-on tool Julian has > written for iproute2. > > > > http://www.ssi.bg/~ja/#iparp > > iparp can not see these packets (layer 2) but for > other > purposes probes can be originated with unicast dst > MAC in this way: > > ip arp add table output to 1.2.3.4 lldst > 00:11:22:33:44:55 > > > : Do de ip stack understand this "unicast" arp > request? > > Yes but at MAC level the ARP code cares only for > unicast/broadcast, no matter the actual dst MAC of > the received > packet. > > Regards > > -- > Julian Anastasov <ja@xxxxxx> > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - File online, calculators, forms, and more http://tax.yahoo.com
