Samuel Olampi
2007-Oct-23 14:15 UTC
Is it possible to stop ARP broadcast with Bridge shorewall?
Dear shorewall list enthusiasts,

I recently set up a dedicated linux box running shorewall in order to isolate my network from the "evil other side" :)

It works so well that I first have to thank and congratulate everybody that took part in this project!

Then I have a question that separates my setup from "wonderful" to "heaven": I activated the "bridge" setup of shorewall so that my box is as transparent as possible for all the servers inside and outside my network.

I would like to get rid of the "xxxx -> (broadcast) ARP C Who is yyyy?" traffic that is happening on the outside and gets repeated on my network, through my shorewall box, because of the bridge setup.

How can this be done, if it can be done at all? New rule? Blacklisting? Another option in the interface?

Thanks in advance.

--
Sam

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Tom Eastep
2007-Oct-23 14:23 UTC
Re: Is it possible to stop ARP broadcast with Bridge shorewall?
Samuel Olampi wrote:
> Dear shorewall list enthusiasts,
>
> I recently set up a dedicated linux box running shorewall
> in order to isolate my network from the "evil other side" :)
>
> It works so well that I first have to thank and congratulate
> everybody that took part in this project!
>
> Then I have a question that separates my setup from "wonderful"
> to "heaven": I activated the "bridge" setup of shorewall so
> that my box is as transparent as possible for all the servers
> inside and outside my network.
>
> I would like to get rid of the "xxxx -> (broadcast) ARP C Who is yyyy?"
> traffic that is happening on the outside and gets repeated on my
> network, through my shorewall box, because of the bridge setup.
>
> How can this be done, if it can be done at all?

It cannot be done using anything short of the arpfilter utility. And of course you still have to let the broadcasts through when they relate to one of the hosts on the inside of the firewall.

-Tom

--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep
2007-Oct-23 14:24 UTC
Re: Is it possible to stop ARP broadcast with Bridge shorewall?
Tom Eastep wrote:
>
> It cannot be done using anything short of the arpfilter utility.

Sorry -- that should be the ''arptables'' utility.

-Tom

--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
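The arptables filtering Tom describes in the two replies above, as an added example that is not from the thread or from the Shorewall project: a POSIX shell function that emits an arptables ruleset for the bridge's FORWARD chain, letting ARP requests that arrive on the outside bridge port cross the bridge only when they ask for an inside address. The interface name eth0 and the inside addresses 192.168.1.10 and 192.168.1.20 are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread or from Shorewall. Prints arptables
# commands (it does not execute them) so that ARP requests coming in on the
# outside bridge port are forwarded only when the requested address belongs
# to a host on the inside, which is the exception Tom points out.
# Placeholders: eth0 is the outside bridge port; 192.168.1.10 and
# 192.168.1.20 are the inside hosts.
#
# Caveat: arptables only sees bridged ARP frames when br_netfilter is loaded
# and net.bridge.bridge-nf-call-arptables=1; otherwise the FORWARD chain
# never matches and nothing is filtered.

OUTSIDE_IF="eth0"
INSIDE_HOSTS="192.168.1.10 192.168.1.20"

# arp_filter_rules OUTSIDE_IF INSIDE_IP... -> one arptables command per line
arp_filter_rules() {
    outside="$1"
    shift
    echo "arptables -F FORWARD"
    # ARP replies are unicast to the asker and do not flood the inside.
    echo "arptables -A FORWARD -i $outside --opcode Reply -j ACCEPT"
    # "Who has X?" requests pass only when X is one of our inside hosts.
    for host in "$@"; do
        echo "arptables -A FORWARD -i $outside --opcode Request --destination-ip $host -j ACCEPT"
    done
    # Any other request arriving from outside is the broadcast noise the
    # question is about; drop it at the bridge.
    echo "arptables -A FORWARD -i $outside --opcode Request -j DROP"
}

# Number of generated commands; a quick sanity check before applying them.
arp_filter_rule_count() {
    arp_filter_rules "$@" | wc -l | tr -d ' '
}

arp_filter_rules "$OUTSIDE_IF" $INSIDE_HOSTS
```

To apply the rules on the firewall, pipe the output into a shell (`arp_filter_rules eth0 192.168.1.10 | sh`) after checking it; ARP traffic originating on the inside port is not touched by these rules.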