On May 29, 2009, at 2:36 PM, Sebastien Roy wrote:


On Fri, 2009-05-29 at 11:30 -0700, Peter Memishian wrote:
I see, but it seems to me like that's something that ipfilter could
handle more effectively.

IP Filter can filter ARP traffic? Or are you suggesting using IP filter
to filter all traffic that isn't from a bounded set of IP addresses?
In any case, I agree there are other ways to do this.

The latter; ARP is neither useful nor harmful on its own if IP can't move
packets.

I've *heard* of cases where people desire to have a stealth network sniffer, which I suppose would entail silencing ARP on the promiscuous interfaces involved. Surely not a huge or overriding use case.

/dale


I wonder if someone actually depends on this behavior, which is always
a tough question...

It wouldn't surprise me to discover this has been used -- e.g., some
customers use Cisco PVLANs to accomplish a similar thing. That said, I
wouldn't object to removing this ability.

Same here.

-Seb


_______________________________________________
networking-discuss mailing list
[email protected]
