Re: Rewrite MAC-adr on outgoing packages?

To: debian-firewall@lists.debian.org
Subject: Re: Rewrite MAC-adr on outgoing packages?
From: Lars Hallberg <lah@micropp.se>
Date: Wed, 24 Jan 2001 21:26:43 +0100
Message-id: <[🔎] 20010124212643.A32675@micropp.se>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <[🔎] 14959.12682.472542.142798@kapi.internal>; from bm@acm.org on Wed, Jan 24, 2001 at 02:48:26PM -0500
References: <[🔎] 20010123220154.A19902@micropp.se> <[🔎] 20010124103035.A5338@wohnheim.fh-wedel.de> <[🔎] 20010124123843.A12497@micropp.se> <[🔎] 20010124181523.B13369@wohnheim.fh-wedel.de> <[🔎] 20010124185654.A17507@micropp.se> <[🔎] 20010124202408.A26348@wohnheim.fh-wedel.de> <[🔎] 14959.12682.472542.142798@kapi.internal>

On Wed, Jan 24, 2001 at 02:48:26PM -0500, Bulent Murtezaoglu wrote:
> 
> Proxy ARP:  I am a router with two ethernet interfaces, eth1 and eth2
> with networks n1 and n2 respectively.  Someone on eth1 makes an
> ARP query (see above) for an address a2 in n2, now _I_ say 
> "a2's MAC address is M" on eth1, where M is _my_ MAC address.  So the
> packet comes to me, and I forward it to the proper machine on eth2.

Yes, and if I don't do this my machine will report (out on eth1) what  
MAC address match a2 on the eth2 net! This is truly bad in my case.

So MAC addresses from NIC:s conected to the eth2 net can be reported 
out on eth1. I want to stop this. Proxy ARP shuld solve the ARP problem, 
but it seams to be more pakages going the same way. I do beleve it is 
brodkasting stuff and responses to that, but I realy don't know :-(

Guess it hard to stop things You don't know exactly what it is.

A firewall with default deny and then alowing everthing used 
might work?

Thanks /Lars

-- 
Lars Hallberg                         Micro++  www.micropp.se/
Freeware * C/C++ * Python * Linux * Debian * HTML * Javascript

Reply to:

Follow-Ups:
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Bulent Murtezaoglu <bm@acm.org>

References:
- Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Jörn Engel <joern@wohnheim.fh-wedel.de>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Jörn Engel <joern@wohnheim.fh-wedel.de>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Lars Hallberg <lah@micropp.se>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Jörn Engel <joern@wohnheim.fh-wedel.de>
- Re: Rewrite MAC-adr on outgoing packages?
  - From: Bulent Murtezaoglu <bm@acm.org>

Prev by Date: Re: Rewrite MAC-adr on outgoing packages?
Next by Date: Re: Rewrite MAC-adr on outgoing packages?
Previous by thread: Re: Rewrite MAC-adr on outgoing packages?
Next by thread: Re: Rewrite MAC-adr on outgoing packages?
Index(es):
- Date
- Thread