[Dnsmasq-discuss] --script-arp question
0zl
0zl at riseup.net
Wed Apr 12 06:51:36 UTC 2023
On 4/12/23 09:09, 0zl wrote:
> On 4/12/23 08:19, Geert Stappers wrote:
>> On Wed, Apr 12, 2023 at 02:03:22AM +0300, 0zl wrote:
>>> On 4/12/23 01:59, 0zl wrote:
>>>> Second I don't understand how this works exactly, I intend to create a
>>>> script that adds a permanent arp entry to make me more resilient to ARP
>>>> spoofing attacks, should I create the entry on arp add/old and remove on
>>>> del; OR use these arp-add and arp-del actions to do the same.
>>> Replying to myself because I made a typo in this paragraph. I meant to say:
>>> "should I create the ARP entry on the add/old action and remove on del"
>> Experiment
>>
>>
>> Groeten
>> Geert Stappers
>
> This dhcp-script seems to work just fine, not sure what the point of
> arp-add/arp-del is though:
>
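> #!/bin/sh
> # dnsmasq passes: $1 = action, $2 = MAC address, $3 = IP address
> action=$1 hw_addr=$2 ip_addr=$3
> case $action in
> add|old) arp -s "$ip_addr" "$hw_addr" ;;  # pin a permanent ARP entry for the lease
> del) arp -d "$ip_addr" ;;                 # drop the entry when the lease is removed
> esac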
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
UPDATE: `--script-arp` is ABSOLUTELY not what you want in this case.
What it does is execute the dhcp-script with arp-add/del action whenever
a new entry to the ARP table is added, that includes those spoofed/not
authorized by the DHCP server (I've just tested it). What is needed in
this case is the add/old and del events, DO NOT use --script-arp in this
case.
Best regards
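
Added example, not part of the original post or of dnsmasq itself: a dhcp-script that pins neighbour entries only on the lease events (add/old/del) and deliberately ignores arp-add/arp-del, so a spoofed ARP entry is never made permanent even if --script-arp is enabled. Assumptions: Linux with iproute2 (`ip neigh` in place of `arp`), IPv4 leases only, and the hypothetical variables `LAN_IF` (interface name) and `DRY_RUN` (print the command instead of running it).

```shell
#!/bin/sh
# Added example: pin static neighbour entries for DHCP leases only.
# LAN_IF and DRY_RUN are hypothetical knobs, not dnsmasq settings.
LAN_IF="${LAN_IF:-eth0}"

valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Run the command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

handle_event() {
    action=$1 mac=$2 ip=$3
    case $action in
        add|old)
            # Lease granted or already known: the DHCP server vouches for this pair.
            valid_mac "$mac" && valid_ipv4 "$ip" || return 1
            run ip neigh replace "$ip" lladdr "$mac" dev "$LAN_IF" nud permanent ;;
        del)
            # Lease gone: remove the pinned entry.
            valid_ipv4 "$ip" || return 1
            run ip neigh del "$ip" dev "$LAN_IF" ;;
        arp-add|arp-del)
            # Fired for any ARP table change, spoofed entries included: never pin.
            return 0 ;;
        *)
            # Any other action is not a lease event; do nothing.
            return 0 ;;
    esac
}

# dnsmasq invokes the script as: <action> <mac> <ip> [hostname]
if [ $# -ge 3 ]; then
    handle_event "$@"
fi
```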