00:0f:ea:d2:44:a4 192.168.1.1 - server MAC-IP pair
00:d0:b7:b5:ca:6b 192.168.1.10 - client MAC-IP pair
00:40:f4:53:e3:7d 192.168.1.66 - pirate MAC-IP pair
de:ad:6b:a8:de:5b - ipguard fake MAC
#### Normal ARP session
################################
## request client gratuitous
who-has 192.168.1.1 tell 192.168.1.1 requ client broadcast
must not be answered
## request client -> server
who-has 192.168.1.1 tell 192.168.1.10 requ client broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4 resp server to client
## request server -> client
who-has 192.168.1.10 tell 192.168.1.1 requ server broadcast
reply 192.168.1.10 is-at 00:d0:b7:b5:ca:6b resp client to server
#### Denied ARP by ipguard -n 2 fxp0
################################
## request pirate gratuitous
who-has 192.168.1.66 tell 192.168.1.66 requ pirate broadcast
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
## request pirate -> server
who-has 192.168.1.1 tell 192.168.1.66 requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4 resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
#### Denied ARP by ipguard -x -n 2 fxp0
################################
## request pirate gratuitous
same as previous example
## request pirate -> server
same as previous example
## request server -> pirate
who-has 192.168.1.66 tell 192.168.1.1 requ server broadcast
reply 192.168.1.66 is-at 00:40:f4:53:e3:7d resp pirate to server
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to server
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to server
#### Denied ARP by ipguard -z -x -n 2 fxp0
################################
## request pirate (from client IP) gratuitous
who-has 192.168.1.10 tell 192.168.1.10 requ pirate broadcast
reply 192.168.1.10 is-at 00:d0:b7:b5:ca:6b resp client to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
who-has 192.168.1.10 tell 192.168.1.10 requ fix ipguard broadcast
with client MAC-IP
## request pirate (from client IP) -> server
who-has 192.168.1.1 tell 192.168.1.10 requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4 resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.10 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
who-has 192.168.1.10 tell 192.168.1.10 requ fix ipguard broadcast
with client MAC-IP
## request pirate gratuitous
who-has 192.168.1.66 tell 192.168.1.66 requ pirate broadcast
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
who-has 192.168.1.66 tell 192.168.1.66 requ poison ipguard broadcast
with fake MAC
## request pirate -> server
who-has 192.168.1.1 tell 192.168.1.66 requ pirate broadcast
reply 192.168.1.1 is-at 00:0f:ea:d2:44:a4 resp server to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.1 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
reply 192.168.1.66 is-at de:ad:6b:a8:de:5b resp ipguard to pirate
who-has 192.168.1.66 tell 192.168.1.66 requ poison ipguard broadcast
with fake MAC
## $Id: README.tcpdump,v 1.1 2012/02/21 21:59:41 misho Exp $
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to README.tcpdump CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipguard / doc