[Bridge] Trouble with ARP traffic
Skept
impossibleprobability at gmail.com
Fri Sep 1 01:17:41 PDT 2006
Raffaele
If you don't want to see much arp traffic on eth1, assuming that you
have a subnet 10.190.190.0/24, with 10.190.190.1 on eth1 and the rest
of the hosts on eth0, you can use for example, the following filter
ebtables -N f1
ebtables -P f1 DROP
ebtables -t filter -A FORWARD -i eth0 -o eth1 -p ARP -j f1
ebtables -t filter -A f1 -p ARP --arp-ip-src 10.190.190.0/24
--arp-ip-dst 10.190.190.1 -j ACCEPT
That way you wont see much arp broadcast traffic on eth1. Hope it helps.
Skept
More information about the Bridge
mailing list