[ale] arp requests from cable modem
Robert Heaven
robertheaven at mediaone.net
Fri Dec 29 23:24:20 EST 2000
Do you have something like this?
ipchains -A input -p icmp -i eth0 -s $MY_SUBNET/$MY_NETMASK -d 0.0.0.0/0 -j
ACCEPT
ipchains -A input -p icmp -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 -j DENY
ipchains -A input -p tcp -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 1:1023 -j DENY
ipchains -A input -p udp -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 1:1023 -j DENY
ipchains -A input -p tcp -i eth0 -y -j DENY -l
This seems to work for me. If I do a tcpdump on eth0 (cable modem side) I
can see the arp's coming in but, they're dumped in the bit bucket by the
ipchains rules.
----- Original Message -----
From: Gary S. Mackay <Gary at EdisonInfo.com>
To: ale at ale.org
To: <ale at ale.org>
Sent: Friday, December 29, 2000 6:45 PM
Subject: [ale] arp requests from cable modem
> I just started receiving all kinds of "...arp who has...." traffic comming
in
> my cable modem. What port is that stuff on so I can block it? Is it
possible
> to block? I have a pretty solid (at least I like to think so) firewall
script,
> but obviously I'm missing something.
>
> - Gary
>
>
> --
> ----------------------------------------------------------------------
> Edison Information Technologies www.EdisonInfo.com
> P.O. Box 554 Gary at EdisonInfo.com
> Milan, OH 44846-0554 419.499.7040
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list