Subject: Re: /kernel: arp: error message
To: None <netbsd-help@netbsd.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-help
Date: 12/09/2001 19:02:17

On Sun, Dec 09, 2001 at 12:24:38PM -0500, James K. Lowden wrote:
> Hi Pete,
>
> Let's just say your kernel can't know about someone's intention. ;)
>
> Let's also assume Manuel is right and that your kernel is telling the
> truth: there is a 192.168.1.2 on rl0 for good or ill.
>
> I think you might be able to fix the problem with IPF. At least, I
> can think of an experiment that will teach us something. Try
> prepending this line to your ipf.conf:
>
> block in quick on rl0 from 192.168.0.0/16 to any
>
> That can't do any harm and it might just work.

It won't block ARP packets, but it is a good policy to have such rules
in place anyway.

> Questions to the world: Do cable modem networks create private
> virtual circuits to the "central office" as it were? If Pete's rl0
> were in promiscuous mode, could he see his neighbors' traffic? And
> do the terms of service with his provider include the commandment,
>
> "Thou shalt not covet thy neighbor's traffic?"

No, a cable network behaves as a broadcast medium (e.g. plain old Ethernet).
So he can see his neighbors' traffic from his interface.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--
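
Added example, not part of the original message: a simplified Python model of why the quoted ipf rule never sees ARP. An IP-layer filter is only handed frames with EtherType 0x0800, while ARP travels as EtherType 0x0806. The frames, MAC addresses, the 10.0.0.x addresses and the function names are constructed for illustration; the model ignores interface and direction matching.

```python
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
BLOCKED_SRC = ipaddress.ip_network("192.168.0.0/16")  # source range from the quoted rule


def eth_frame(ethertype, payload):
    """Build a constructed Ethernet II frame (made-up MAC addresses)."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000002")
    return dst + src + struct.pack("!H", ethertype) + payload


def arp_request(sender_ip, target_ip):
    """ARP request payload for Ethernet/IPv4 (opcode 1)."""
    return (struct.pack("!HHBBH", 1, ETHERTYPE_IPV4, 6, 4, 1)
            + bytes.fromhex("020000000002") + ipaddress.ip_address(sender_ip).packed
            + bytes(6) + ipaddress.ip_address(target_ip).packed)


def ipv4_header(src, dst):
    """Minimal 20-byte IPv4 header (checksum left at zero, not validated here)."""
    return (struct.pack("!BBHHHBBH", 0x45, 0, 20, 0, 0, 64, 17, 0)
            + ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed)


def ip_filter_verdict(frame):
    """Simplified model of an IP-layer filter holding only the quoted block rule."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4:
        return "not-seen"  # ARP is handled below the IP layer, so no rule is consulted
    src = ipaddress.ip_address(frame[14 + 12:14 + 16])
    return "block" if src in BLOCKED_SRC else "pass"


def arp_sender_ip(frame):
    """Return the sender IP claimed in an ARP frame, or None for other EtherTypes."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    return str(ipaddress.ip_address(frame[14 + 14:14 + 18]))
```

An ARP frame claiming 192.168.1.2 therefore still reaches the kernel's ARP code with the rule in place, while an IP packet from the same address is dropped.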