Hello all, help me to create firewall rule that drop Gratuitous arp.
Gratuitous ARP request is an AddressResolutionProtocol request packet where the source and destination IP are both set to the IP of the machine issuing the packet and the destination MAC is the broadcast address ff:ff:ff:ff:ff:ff.
So basically you can add bridge filter to drop packets according to src/dst and mac address
yes, i know that, but i need to drop about 1500 ip, if i can use address-list in bridge firewall - it would be very nice, but we can use address-list only in ip firewall.
in bridge settings you can enable use-ip-firewall and filter out packets using ip filters.
theoretically it should work.
)) i think about that, but in ip firewall MT only have src-mac-address, but i need dst-mac-address (FF:FF:FF:FF:FF:FF)