[Bridge] ARP spoofing.
Etienne Pretorius
etiennep at kingsley.co.za
Sun Nov 26 12:33:10 PST 2006
Hello all.
I know this does not directly relate to Ethernet bridging, but I need some
advice... anyone want to give me some info/help on the subject?
In the interest of multipath routing I need to know if it is possible to
do a one-way ARP spoof. Let's start with the machine's layout...
br1------ADSL
br2------cisco router-----serial line.
br0-----Internal network.
I already have ebtables set up to do the following:
# Make this the router for all packets from our networks.
# " MAC destination is the router, IP destination is the actual box
# you want to communicate with. (That's how routing works) " - EBTABLES
$EBT -t broute -A BROUTING --logical-in $NWIF -p IPv4 --destination ! $NWIF_MAC \
    -j dnat --to-destination $NWIF_MAC
Now.... I would like the "cisco router" to have a second IP address in
the same range as the internal network on eth0. My desire is to make the
gw's on all of the internal network machines point to the cisco router's
IP address and would like ARP packets to pass between the internal
network and the cisco router only. Obviously I will drop all packets
attempting to access the cisco router's second IP address if not from
br0. So is it possible to make this machine spoof the ARP packets,
because I have 2 such machines working in the network and I see this as
a seamless way to set up multipath routing to survive if one of these
machines fails.
--
Kind Regards
Etienne