Avoid ARP requests RHEL/CentOS/SL

Avoid ARP requests RHEL/CentOS/SL

To avoid send or receive arp request we can use arptables, this tool is very similar to iptables

Install arptables

yum install -y arptables

Avoid send ARP requests to specific host

As iptables in arptables you can use -d flag to determine destination.

And if we want to create a rule for the arp packages we send, we must use OUTPUT chain

Example, to avoid sending request to 192.178.1.1:

arptables -A OUTPUT -d 192.178.1.1 -j DROP

Avoid receive ARP requests from specific host

As iptables in arptables you can use -s flag to determine source.

An if we want to create a rule for the arp packages we receive, we must use INPUT chain

Example, to avoid receive request to 192.178.1.1:

arptables -A INPUT -s 192.178.1.1 -j DROP

To make those changes persistents, we must save configuration:

arptables-save  > /etc/sysconfig/arptables

then start and enable arptables service

service arptables start
 
chkconfig arptables on

Deja un comentario