[j-nsp] Logging MAC addresses
Hannes Gredler
hannes at juniper.net
Tue Apr 1 21:19:38 EST 2003
On Tue, Apr 01, 2003 at 05:58:05PM +0200, Arjan Hulsebos wrote:
| Logging MAC addresses
|
| All,
|
| We're seeing from time to time spoofed packets hitting the firewall filters.
| Sometimes at rates that it's becoming a nuisance. Hence, we'd like to know
| who's sending all this garbage. On a Cisco, there's the log-input keyword.
| So far, I haven't found the Juniper equivalent of that. Have any of you?
Unfortunately the IO manager ASIC strips away link-layer information,
so at the time the packets hit the firewalling engine we do not have
source MAC addresses available anymore.
Assuming that it is a non-peer that is causing this, I'd recommend
turning on MAC address filtering.
/hannes