On Thu, 2004-08-12 at 04:25, Mike Mestnik wrote: > http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-linux/2002-01/0094.html > > I guess I could be wrong as this doc describes the alias is only used for > arp replys. It(the alias) also automaticaly puts incoming pkts onto the > INPUT table. Thanks for the info!
> Without the alias these pkts WOULD get routed, most probly out the > default route or sent to the local MAC addres. This behaviour can be > acheved with a userlevel APR tool, I use farpd. This may be more secure > as you would need to explicatly DNAT these pkts or they would, after > looping several(30 or less) times, have TTL-time outs. Can't I enable firewall to handle ARP request without installing any other like farpd? What is this /proc/sys/net/ipv4/conf/eth0/proxy_arp for? Is it something to do with this? Regards! Pradeeper -- Debian GNU/Linux Sarge kernel 2.4.22-openmosix-1 Give him an evasive answer.
