List: netfilter
Subject: Re: how to stop broadcasts using iptables
From: Alexander Samad <alex () samad ! com ! au>
Date: 2004-04-28 0:11:37
Message-ID: 20040428001137.GB10829 () samad ! com ! au
On Tue, Apr 27, 2004 at 01:50:11PM +0100, David Cannings wrote:
> On Tuesday 27 April 2004 13:35, sschlesi@chello.at wrote:
> > I'm trying to stop broadcasts getting forwarded, but I'm not sure how
> > to do this. I read that *.255 - which are afaik broadcast addresses -
>
> My first question is why are broadcasts getting forwarded anyway? Neither
> Ethernet nor IP broadcasts should leave your subnet. How and where
> exactly are broadcasts being forwarded?
Maybe he is bridging?
>
> IP addresses ending in .255 are not always broadcast addresses. Any
> subnet larger than class C (/24) can span more than one "block" of 256 IP
> addresses.
>
> > doesn't guarantee that it's a broadcast. Then I read that it's possible by
> > matching the mac address, because broadcast will have ff:ff:ff:ff:ff:ff
> > . but I'm not sure if that's all nonsense.
>
> There is the difference here between an IP broadcast and an ethernet
> broadcast. IP broadcasts are sent to the ethernet broadcast address [1],
> so you may be able to do a MAC match.
>
> According to the manual page I have here, the module "mac" only offers a
> --mac-source option but there are more options in PoM I believe, you may
> want to check the mailing list archives.
>
> David
>
> 1- A ping to the broadcast address on a LAN:
> 13:44:59.765871 0:10:XX:XX:XX:XX Broadcast ip 98: 192.168.0.100 >
> 192.168.0.255: icmp: echo request (DF)
>
>
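
The point made in the quoted reply, that an address ending in .255 is not necessarily a broadcast address, worked through as an added example that is not part of the original thread. The function names and the sample subnets and destinations are constructed for illustration.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

def classify_destination(dst, local_networks):
    """Classify dst against the subnets attached to this host.

    local_networks is a list of CIDR strings (constructed sample values
    in this example). Returns 'limited-broadcast', 'directed-broadcast',
    'multicast' or 'unicast'.
    """
    addr = ipaddress.IPv4Address(dst)
    if addr == LIMITED_BROADCAST:
        return "limited-broadcast"
    if addr.is_multicast:
        return "multicast"
    for cidr in local_networks:
        net = ipaddress.IPv4Network(cidr)
        # /31 and /32 networks have no broadcast address to match.
        if net.prefixlen < 31 and addr == net.broadcast_address:
            return "directed-broadcast"
    return "unicast"

def naive_is_broadcast(dst):
    """The '*.255' heuristic questioned in the thread."""
    return dst.endswith(".255")

def heuristic_errors(destinations, local_networks):
    """Return (dst, naive verdict, real class) where the heuristic is wrong."""
    errors = []
    for dst in destinations:
        real = classify_destination(dst, local_networks)
        is_bcast = real in ("limited-broadcast", "directed-broadcast")
        if naive_is_broadcast(dst) != is_bcast:
            errors.append((dst, naive_is_broadcast(dst), real))
    return errors

if __name__ == "__main__":
    # Constructed sample data: a /24, a /23 spanning two 256-address
    # blocks, and a /25 whose broadcast address ends in .127.
    nets = ["192.168.0.0/24", "10.0.0.0/23", "172.16.5.0/25"]
    dsts = ["192.168.0.255", "10.0.0.255", "10.0.1.255",
            "172.16.5.127", "172.16.5.255", "255.255.255.255"]
    for row in heuristic_errors(dsts, nets):
        print(row)
```

In the /23, 10.0.0.255 is an ordinary host address, and in the /25 the broadcast address is 172.16.5.127, so a filter keyed on the last octet both over-matches and under-matches.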