Hi all,
Please I need to block my IP Adresses that are not in use. That is to only enable the one that are currently in use so as not to allow anybody tap into my network.
Pleas can I get a clue on how to go about it, I seem to be lost.
onubah,
could you please describe in more detail what you mean by in use ?
–Tom
Sounds like you want to turn off arp and set static arp entries for the ones you do allow?
Sam
You can do that (disable ARP completely and setup a static ARP table) or set your interface to ARP-Reply only and setup your arp tables accordingly..
heh
I would never have thought of using ARP to solve this…
I would have fiddled with the firewall settings and blocked the entire IP block in the forward chain (or a sub-chain). Just drop/reject all traffic to/from the entire IP block and then place accept rules for each of the IPs that are allocated to users…
Sure sam,
I want to turn the ARP and then set static ARP table, but I dont seem to know how to go about it.
Thanks for the response to you all, but pls I still need direction.
Paul.
to set the network to arp reply only use this command
ip arp> /interface ethernet set local arp=reply-only
I beleive this will do it for you