On Tue, Jan 5, 2010 at 9:58 AM, Andrew Lunn andrew@lunn.ch wrote:
> BPF for outgoing packets? Different. I've only ever seen it used for filtering incoming packets. ARP requests for *.*.*.1? I don't get that. There should only be one host in the subnet which matches *.*.*.1/24, so it's going to reply anyway. What are you trying to achieve here?
BPF because it's already in the kernel and has a rule language. Rules to match "all DHCP packets, and IPv6 router solicitations" are easy to write, and people who want to do something different/weird don't need to rebuild their kernels.
If it makes any more sense, substitute *.*.*.1 for "something matching the IPs I use for gateways". Aim: make it harder for people to configure their PCs to respond to those ARPs and break the network. Although for a mobile node whose DHCP lease hasn't yet expired I can see that causing problems. But if it's just a BPF filter then you can experiment with rules like these fairly easily.
donald
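
The three rules named in the message above, written out as an added example (not code from this thread or from any project it discusses): a Python stand-in for the matching a BPF filter would do, with the pcap-filter forms in comments. The function and rule names and the sample frames are constructed for illustration, and the last-octet `.1` test is an assumption standing in for "the IPs I use for gateways".

```python
import struct

# pcap-filter forms of the three rules, for reference:
#   dhcp:    udp and (port 67 or port 68)
#   ipv6-rs: icmp6 and ip6[40] == 133
#   arp-gw:  arp[6:2] == 1 and arp[27] == 1   (request for an address ending in .1)

def classify(frame: bytes):
    """Return the name of the rule an Ethernet frame matches, or None."""
    if len(frame) < 14:
        return None
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    p = frame[14:]
    if ethertype == 0x0800 and len(p) >= 20:             # IPv4
        ihl = (p[0] & 0x0F) * 4                          # header length varies with options
        frag = struct.unpack_from("!H", p, 6)[0] & 0x1FFF
        if ihl >= 20 and p[9] == 17 and frag == 0 and len(p) >= ihl + 4:
            if set(struct.unpack_from("!HH", p, ihl)) & {67, 68}:
                return "dhcp"
    elif ethertype == 0x86DD and len(p) >= 41:           # IPv6, no extension headers
        if p[6] == 58 and p[40] == 133:                  # ICMPv6 router solicitation
            return "ipv6-rs"
    elif ethertype == 0x0806 and len(p) >= 28:           # ARP over Ethernet/IPv4
        if struct.unpack_from("!H", p, 6)[0] == 1 and p[27] == 1:
            return "arp-gw"                              # assumption: gateways end in .1
    return None

# Constructed sample frames (not captured traffic).
def eth(ethertype, payload):
    return b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01" + struct.pack("!H", ethertype) + payload

def ipv4_udp(sport, dport, frag=0):
    hdr = struct.pack("!BBHHHBBH", 0x45, 0, 28, 0, frag, 64, 17, 0) + bytes(8)
    return eth(0x0800, hdr + struct.pack("!HHHH", sport, dport, 8, 0))

def router_solicit():
    hdr = struct.pack("!IHBB", 0x60000000, 8, 58, 255) + bytes(32)
    return eth(0x86DD, hdr + bytes([133, 0, 0, 0, 0, 0, 0, 0]))

def arp(op, target_ip):
    body = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth(0x0806, body + bytes(6) + bytes([10, 0, 0, 50]) + bytes(6) + bytes(target_ip))

if __name__ == "__main__":
    for f in (ipv4_udp(68, 67), router_solicit(), arp(1, [10, 0, 0, 1]), arp(1, [10, 0, 0, 7])):
        print(classify(f))
```

The IPv4 branch skips non-first fragments, since their payload bytes are not a UDP header, and the IPv6 branch only matches when ICMPv6 directly follows the fixed header.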