Andrew, good day!
> The check for ARP happens before the ipfw layer2 code so it isnt
> currently possible to filter them.
>
> switch (ether_type) {
> case ETHERTYPE_ARP:
> case ETHERTYPE_REVARP:
> return (0); /* Automatically pass */
I am a bit confused because in the another thread (also created by
Jon Otterholm) you've answered that
-----
The only way that you will be able to filter ARP packets is by setting
pfil_onlyip=0, ipfw=1 and use the IPFW layer2 filtering.
-----
citing the same code. Am I understand something incorrectly or these
two answers do contradict with each other?
--
Eygene
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
