File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipguard / doc / README.tcpdump
Tue Feb 21 21:59:41 2012 UTC (12 years, 4 months ago) by misho
CVS tags: MAIN, HEAD
Initial revision

00:0f:ea:d2:44:a4       192.168.1.1     - server MAC-IP pair
00:d0:b7:b5:ca:6b       192.168.1.10    - client MAC-IP pair
00:40:f4:53:e3:7d       192.168.1.66    - pirate MAC-IP pair
de:ad:6b:a8:de:5b                       - ipguard fake MAC

#### Normal ARP session
################################

## request client gratuitous

who-has 192.168.1.1 tell 192.168.1.1            requ client broadcast
                                                must not be answered

## request client -> server

who-has 192.168.1.1 tell 192.168.1.10           requ client broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4       resp server to client

## request server -> client

who-has 192.168.1.10 tell 192.168.1.1           requ server broadcast
reply 192.168.1.10 is-at 00:d0:b7:b5:ca:6b      resp client to server

#### Denied ARP by ipguard -n 2 fxp0
################################

## request pirate gratuitous

who-has 192.168.1.66 tell 192.168.1.66          requ pirate broadcast
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate

## request pirate -> server

who-has 192.168.1.1 tell 192.168.1.66           requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4       resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate

#### Denied ARP by ipguard -x -n 2 fxp0
################################

## request pirate gratuitous

    same as previous example

## request pirate -> server

    same as previous example

## request server -> pirate

who-has 192.168.1.66 tell 192.168.1.1           requ server broadcast
reply 192.168.1.66 is-at 00:40:f4:53:e3:7d      resp pirate to server
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to server
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to server

#### Denied ARP by ipguard -z -x -n 2 fxp0
################################

## request pirate (from client IP) gratuitous

who-has 192.168.1.10 tell 192.168.1.10          requ pirate broadcast
reply 192.168.1.10 is-at 00:d0:b7:b5:ca:6b      resp client to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
who-has 192.168.1.10 tell 192.168.1.10          requ fix ipguard broadcast
                                                with client MAC-IP

## request pirate (from client IP) -> server

who-has 192.168.1.1 tell 192.168.1.10           requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4       resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
who-has 192.168.1.10 tell 192.168.1.10          requ fix ipguard broadcast
                                                with client MAC-IP

## request pirate gratuitous

who-has 192.168.1.66 tell 192.168.1.66          requ pirate broadcast
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
who-has 192.168.1.66 tell 192.168.1.66          requ poison ipguard broadcast
                                                with fake MAC

## request pirate -> server

who-has 192.168.1.1 tell 192.168.1.66           requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4       resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b       resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b      resp ipguard to pirate
who-has 192.168.1.66 tell 192.168.1.66          requ poison ipguard broadcast
                                                with fake MAC

##  $Id: README.tcpdump,v 1.1 2012/02/21 21:59:41 misho Exp $
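
When reading a capture like the traces above, it helps to separate ipguard's fake-MAC replies from replies carrying an allowed MAC-IP pair and from replies sent by an unlisted host. The following is an added example, not part of ipguard or of the original README; the label names, the function names and the sample trace are constructed here, and only the addresses come from the table at the top.

```python
import re
from collections import Counter

# MAC-IP pairs and fake MAC copied from the table at the top of this README.
ALLOWED = {"192.168.1.1": "00:0f:ea:d2:44:a4",    # server
           "192.168.1.10": "00:d0:b7:b5:ca:6b"}   # client
FAKE_MAC = "de:ad:6b:a8:de:5b"                    # ipguard fake MAC

IP = r"(\d+(?:\.\d+){3})"
REQUEST = re.compile(rf"who-has\s+{IP}\s+tell\s+{IP}", re.I)
REPLY = re.compile(
    rf"reply\s+{IP}\s+is-at\s+((?:[0-9a-f]{{2}}:){{5}}[0-9a-f]{{2}})", re.I)

def classify(line):
    """Return a label for one ARP line, or None if the line is not ARP."""
    m = REPLY.search(line)
    if m:
        ip, mac = m.group(1), m.group(2).lower()
        if mac == FAKE_MAC:
            return "ipguard-fake-reply"      # ipguard's own answer
        if ALLOWED.get(ip) == mac:
            return "allowed-reply"           # pair matches the table
        return "unlisted-reply"              # MAC-IP pair not in the table
    m = REQUEST.search(line)
    if m:
        target, sender = m.groups()
        if target == sender:
            return "gratuitous-request"
        return "request" if sender in ALLOWED else "request-from-unlisted-ip"
    return None

def summarize(trace):
    """Count labels over a multi-line trace, skipping non-ARP lines."""
    return Counter(filter(None, map(classify, trace.splitlines())))

# Constructed sample: the "request server -> pirate" exchange under -x,
# plus one reply in a newer tcpdump output style (format assumed).
SAMPLE = """\
who-has 192.168.1.66 tell 192.168.1.1
reply 192.168.1.66 is-at 00:40:f4:53:e3:7d
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b
ARP, Reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4, length 28
"""

if __name__ == "__main__":
    for label, count in sorted(summarize(SAMPLE).items()):
        print(f"{count:2d}  {label}")
```

The one-line text form carries no Ethernet source address, so a request sent by the pirate from the client IP (the -z traces) is labelled as an ordinary request here; capturing with tcpdump -e adds the link-level header needed to tell them apart.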