Can anybody Help - IP Address Blocking

onubah · Tue Jun 14, 2005 9:12 pm

Hi all,

Please I need to block my IP Adresses that are not in use. That is to only enable the one that are currently in use so as not to allow anybody tap into my network.

Pleas can I get a clue on how to go about it, I seem to be lost.

tneumann · Tue Jun 14, 2005 11:51 pm

onubah,

could you please describe in more detail what you mean by in use ?

--Tom

changeip · Wed Jun 15, 2005 3:50 am

Sounds like you want to turn off arp and set static arp entries for the ones you do allow?

Sam

wildbill442 · Wed Jun 15, 2005 5:30 am

Sounds like you want to turn off arp and set static arp entries for the ones you do allow?

Sam

You can do that (disable ARP completely and setup a static ARP table) or set your interface to ARP-Reply only and setup your arp tables accordingly..

RaynMan · Wed Jun 15, 2005 10:50 am

heh

I would never have thought of using ARP to solve this...

I would have fiddled with the firewall settings and blocked the entire IP block in the forward chain (or a sub-chain). Just drop/reject all traffic to/from the entire IP block and then place accept rules for each of the IPs that are allocated to users...

onubah · Wed Jun 15, 2005 8:55 pm

Sure sam,

I want to turn the ARP and then set static ARP table, but I dont seem to know how to go about it.

Thanks for the response to you all, but pls I still need direction.

Paul.

sankofa411 · Sun Jun 19, 2005 11:35 pm

to set the network to arp reply only use this command
ip arp> /interface ethernet set local arp=reply-only

I beleive this will do it for you