[j-nsp] Logging MAC addresses
Niels Bakker
niels=juniper-nsp at bakker.net
Mon Apr 7 01:42:44 EDT 2003
Hello Arjan,
* ahulsebos at corp.home.nl (Arjan Hulsebos) [Sun 06 Apr 2003, 19:36 CEST]:
> We're seeing from time to time spoofed packets hitting the firewall filters.
> Sometimes at rates that it's becoming a nuisance. Hence, we'd like to know
> who's sending all this garbage. On a Cisco, there's the log-input keyword.
> So far, I haven't found the Juniper equivalent of that. Have any of you?
I assume you're talking about an Internet exchange point context here.
Unfortunately, in JunOS architecture, the moment a packet arrives at the
firewall filters no information about source MAC address is available
anymore.
-- Niels.
--
More information about the juniper-nsp
mailing list