>block in quick on rl0 from 192.168.0.0/16 to any

thanks, I really havent had time to set up my ipf rules, I printed out that 
great "IP based firewalls" by Bredndan Conoboy, and will hopefully get to 
that soon...

Manual wrote
>I guess someone else on on the same segment as you have a machine >directly 
>connected to the cable modem with 192.168.1.2 (this is a common used IP :)

Actually, I set up my brother with the exact same set up on his 
machine....but I figured since we are on two different physical subnets 
thats okay....

So would perhaps changing my subnet interface to a more obscure subnet 
address ?.?.?.?\24 , or one thats different then my brothers help at 
all?.....okay wait I did not mention this.....our cable modem is directly 
connected to the uplink port on a hub....then we both plug into that hub for 
internet access (my rl0)...I dont know if that has anything to do with 
it....since our subnets are on different  interfaces I though they will not 
clash....

is changing my subnet addresses worth a shot?

pete




>From: "James K. Lowden" <jklowden@schemamania.org>
>Reply-To: jklowden@schemamania.org
>To: netbsd-help@netbsd.org
>Subject: Re: /kernel: arp: error message
>Date: Sun, 9 Dec 2001 12:24:38 -0500
>
>On Sun, Dec 09, 2001 at 11:50:50AM -0500, Peter Mancuso wrote:
> > >Of course ed0 and rl0 are connected to different physical networks, 
>rigth ?
> >
> > yes, ed0 is my subnet gateway as  192.168.1.1/24  , 192.168.1.2 is the 
>only
> > machine using it to get out to the net via rl0
> >
> > >This means that another machine, on the network connected to rl0, use
> > >192.168.1.2 as address. It's not your fault.
> > >(if you want you can find the machine using its hardware address)
> >
> > that makes sence.....rl0 is connected to internet cable service...so do 
>the
> > errors(replies not from the expected interface) happen with normal 
>internet
> > use on 192.168.1.2, or is someone intentionaly trying to converse with a
> > computer on my subnet?
>
>Hi Pete,
>
>Let's just say your kernel can't know about someone's intention. ;)
>
>Let's also assume Manuel is right and that your kernel is telling the
>truth: there is a 192.168.1.2 on rl0 for good or ill.
>
>I think you might be able to fix the problem with IPF.  At least, I
>can think of an experiment that will teach us something.  Try
>prepending this line to your ipf.conf:
>
>	block in quick on rl0 from 192.168.0.0/16 to any
>
>That can't do any harm and it might just work.
>
>Questions to the world:  Do cable modem networks create private
>virtual circuits to the "central office" as it were?  If Pete's rl0
>were in promiscuous mode, could he see his neighbors' traffic?  And
>do the terms of service with his provider include the commandment,
>
>"Thou shalt not covet thy neighbor's traffic?"
>
>--jkl


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp