Is there any way to identify the address of a device that performs arp spoofing and dropping traffic for such device with a firewall filter in ROS?
In the absense of this would it be possible to add something such as arpwatch (http://en.wikipedia.org/wiki/Arpwatch) to ROS to enable one to add such addresses to an address list which one can then filter?
Although the feature will still be usefull I solved my problem as detailed in the following post:
http://forum.mikrotik.com/t/32-subnet-mask-to-prevent-arp-spoofing/26921/1
ARPWatch is strongly needeed Mikrotik feature for our ISP network.
Where to vote???
+1. It happens at least once a year here. Would be a very good feature to have
+1, arpwatch really need on ROS.
Any news on this request?
What’s different about his and an ARP bridge filter rule with logging enabled?