Le ven 30/05/2003 à 17:31, Bobby Guerra a écrit : > I have noticed my production subnets broadcasts and ARP request are > leaking into my DMZ. ARP stuff is not supposed to be routed across different networks... > My goal is to keep the DMZ clean of all but > necessary communication. Is their a way to filter ARP and broadcasts? > If so could you please give syntax. Thanks for any help you may give. Netfilter has no userspace code to filter ARP. However, you can use ebtables that provides full ARP filtering on a bridged interface. http://ebtables.sourceforge.net/ -- Cédric Blancher <blancher@xxxxxxxxxxxxxxxxxx> IT systems and networks security - Cartel Sécurité Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
