Re: arp table overflow due to windows worm
On Sa, 16.10.2004, 13:39, Benjamin Goedeke wrote:
> ethernet address, namely the one of the upstream router.) So it seems
> arp resolution occurs even though the packets are being dropped. That's
> why I thought the bridge before the firewall could be a good idea. But
> I guess the net gets clogged even before it reaches the bridge.
Yes! That resolution is independend from chain FORWARD.
It look's into the routing table for the next hop of a packet
before using netfilter with FORWARD chain.
And then that could happen I wrote in my message some hours before!