Re: [users] MAC -> IP?

To: debian-firewall@lists.debian.org
Subject: Re: [users] MAC -> IP?
From: Carel Fellinger <cfelling@iae.nl>
Date: Thu, 21 Jun 2001 18:36:42 +0200
Message-id: <20010621183642.A5086@animus.fel.iae.nl>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <Pine.HPP.3.95.1010621170734.5316A-100000@elektron.its.tudelft.nl>; from S.Breedveld@ITS.TUDelft.NL on Thu, Jun 21, 2001 at 05:14:52PM +0200
References: <20010621170419.A2814@animus.fel.iae.nl> <Pine.HPP.3.95.1010621170734.5316A-100000@elektron.its.tudelft.nl>

On Thu, Jun 21, 2001 at 05:14:52PM +0200, Sebastiaan wrote:
> Hi,
> On Thu, 21 Jun 2001, Carel Fellinger wrote:
> 
> > On Thu, Jun 21, 2001 at 08:13:03AM +0200, Sebastiaan wrote:
> > ...
> > > That is true. However, it seems like a good idea to filter that way. Will
> > > this do the job?
> > > iptables -P INPUT DROP
> > > iptables -A INPUT -i eth0 -d ! 212.127.242.126 -j DROP
> > 
> > This will drop all legitimate multicast/broadcast too.
> > 
> Does that hurt? I mean, will my/the internet performace go down? What is
> the use of broadcast messages over the internet?

I'm no expert, so be warned, this could be double dutch.

I think it's mainly used for things like streaming video and video
conferencing, and ofcourse the initial step of DHCP/BOOTP ed.  The
latter won't bite you as it is used from your machine to your IPS,
the anwser back has a normal destination adress (as far as I know).

-- 
groetjes, carel

Reply to:

References:
- Re: [users] MAC -> IP?
  - From: Carel Fellinger <cfelling@iae.nl>
- Re: [users] MAC -> IP?
  - From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>

Prev by Date: Re: [users] MAC -> IP?
Next by Date: Re: iptables
Previous by thread: Re: [users] MAC -> IP?
Next by thread: Routing issues
Index(es):
- Date
- Thread