Re: how to stop broadcasts using iptables

On Tue, Apr 27, 2004 at 01:50:11PM +0100, David Cannings wrote:
> On Tuesday 27 April 2004 13:35, sschlesi@xxxxxxxxx wrote:
> > I'm trying to stop broadcasts getting forwarded, but I'm not sure how
> > to do this. I read that *.255 - which are afaik broadcast addresses -
> 
> My first question is why are broadcasts getting forwarded anyway?  Neither 
> ethernet nor IP broadcasts should leave your subnet.  How and where 
> exactly are broadcasts being forwarded?

Maybe he is bridging?

> 
> IP addresses ending in .255 are not always broadcast addresses.  Any 
> subnet larger than class C (/24) can span more than one "block" of 256 IP 
> addresses.
> 
> > doesn't guarantee that it's a broadcast. Then I read that it's possible by
> > matching the MAC address, because broadcast will have ff:ff:ff:ff:ff:ff.
> > But I'm not sure if that's all nonsense.
> 
> There is the difference here between an IP broadcast and an ethernet 
> broadcast.  IP broadcasts are sent to the ethernet broadcast address [1], 
> so you may be able to do a MAC match.
> 
> According to the manual page I have here, the module "mac" only offers a 
> --mac-source option but there are more options in PoM I believe, you may 
> want to check the mailing list archives.
> 
> David
> 
> 1- A ping to the broadcast address on a LAN:
> 13:44:59.765871 0:10:XX:XX:XX:XX Broadcast ip 98: 192.168.0.100 > 
> 192.168.0.255: icmp: echo request (DF)
> 
> 

Attachment: signature.asc
Description: Digital signature
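
The point raised in the thread, that an address ending in .255 is only a broadcast address if the subnet mask makes it one, can be checked per subnet. The following is an added example, not part of the original messages: the subnet list is constructed sample data (the /24 mask for the 192.168.0.x network in the capture is an assumption), and `classify` and `drop_rules` are hypothetical helper names.

```python
import ipaddress

# Constructed sample subnets behind the forwarding box (assumptions).
SUBNETS = ["192.168.0.0/24", "10.0.0.0/23", "172.16.5.0/26"]
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

def classify(dst, subnets=SUBNETS):
    """Classify a destination IP against the known subnets."""
    addr = ipaddress.IPv4Address(dst)
    if addr == LIMITED_BROADCAST:
        return "limited-broadcast"
    for cidr in subnets:
        net = ipaddress.IPv4Network(cidr)
        if addr not in net:
            continue
        if net.prefixlen >= 31:
            return "host"  # /31 and /32 have no broadcast address
        if addr == net.broadcast_address:
            return "directed-broadcast"
        if addr == net.network_address:
            return "network"
        return "host"
    return "unknown"

def drop_rules(subnets=SUBNETS):
    """Build FORWARD-chain DROP rules for the real broadcast addresses."""
    rules = ["iptables -A FORWARD -d 255.255.255.255 -j DROP"]
    for cidr in subnets:
        net = ipaddress.IPv4Network(cidr)
        if net.prefixlen < 31:
            rules.append(
                f"iptables -A FORWARD -d {net.broadcast_address} -j DROP")
    return rules

if __name__ == "__main__":
    # 10.0.0.255 ends in .255 but is an ordinary host inside the /23;
    # 172.16.5.63 does not end in .255 but is the /26 broadcast address.
    for dst in ["192.168.0.255", "10.0.0.255", "10.0.1.255", "172.16.5.63"]:
        print(f"{dst:15} {classify(dst)}")
    print("\n".join(drop_rules()))
```
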

