Mark Plowman wrote:

> I know that the simplicity of setup and maintenance will be a
> significant factor in the decisions about this project, together with
> the fact that client would prefer it all to cost *nothing* - the
> reason my boss quickly queried what LEAF could do ;-)

Well, I'm not sure how simple this would be, but you could use arping to
find out the IP address of a given MAC address and then let the scripts
configure based on this computed IP address.

This would require several things:

1. the RIGHT arping binary :-)

2. programming the system so the firewall rules self-check over time -
or just reconfigure periodically to generate the appropriate rules if an
IP changes.  Perhaps just a wrapper script would be enough, in a cron
job - checking IP addresses and creating a new firewall
configuration....

The first is easy.  If you grabbed arping off of your nearest Linux box,
it's almost certainly wrong :-)  If you get output like:

# arping -h
arping: invalid option -- h
Usage: arping [-fDUAV] [-c count] [-w timeout] [-I device] [-s source]
destination
  -f : quit on first reply
  -D : duplicate address detection mode
  -U : Unsolicited ARP mode, update your neighbours
  -A : ARP answer mode, update your neighbours
  -V : print version and exit
  -c count : how many packets to send
  -w timeout : how long to wait for a reply
  -I device : which ethernet device to use (eth0)
  -s source : source ip address
  destination : ask for what ip address

...that's the wrong one.  If you get output like:

# arping -h
arping 1.01 [ -qvrRd0bp ] [ -S <host/ip> ] [ -T <host/ip ] [ -s <MAC> ]
            [ -t <MAC> ] [ -c <count> ] [ -i <interface> ] <host/ip/MAC
| -B>

...this is the right one.  Given a MAC address, this program lets me
"ping" it and gives me an IP besides:

# arping 172.16.3.31
ARPING 172.16.3.31
60 bytes from 00:60:b0:4b:d3:c0 (172.16.3.31): index=0
60 bytes from 00:60:b0:4b:d3:c0 (172.16.3.31): index=1
60 bytes from 00:60:b0:4b:d3:c0 (172.16.3.31): index=2
60 bytes from 00:60:b0:4b:d3:c0 (172.16.3.31): index=3

--- 172.16.3.31 statistics ---
4 packets transmitted, 4 packets received,   0% unanswered
# arping 00:60:b0:4b:d3:c0
ARPING 00:60:b0:4b:d3:c0
60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=0
60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=1
60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=2
60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=3
60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=4

--- 00:60:b0:4b:d3:c0 statistics ---
5 packets transmitted, 5 packets received,   0% unanswered
#

Will this help you?  Or perhaps someone else?

There IS an arping.lrp available at
http://leaf.sourceforge.net/pub/oxygen/packages/arping.lrp I believe.

_______________________________________________
Leaf-user mailing list
https://lists.sourceforge.net/lists/listinfo/leaf-user
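
Added example, not part of the original message or of LEAF: a sketch of the cron wrapper described above, parsing the MAC-mode arping output shown in the message and flagging a rule rebuild only when the IP for a MAC has changed. STATE_DIR, REGEN_CMD and the function names are hypothetical; because arping replies are unauthenticated, a MAC answered from more than one IP is treated as ambiguous and the old rules are kept.

```shell
#!/bin/sh
# Added example. STATE_DIR and REGEN_CMD are hypothetical names (assumptions).
STATE_DIR="${STATE_DIR:-/var/run/mac2ip}"
REGEN_CMD="${REGEN_CMD:-/etc/init.d/firewall-regen}"

# Read arping output on stdin; print the single IP that answered for MAC $1.
# Returns 1: no answer, 2: several distinct IPs answered, 3: malformed MAC.
ip_for_mac() {
    want=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    # Validate first: the MAC is interpolated into a sed pattern below.
    printf '%s\n' "$want" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 3
    quad='[0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}'
    # Matches reply lines such as:
    #   60 bytes from 172.16.3.31 (00:60:b0:4b:d3:c0): icmp_seq=0
    ips=$(tr 'A-F' 'a-f' |
          sed -n "s/^[0-9]* bytes from \($quad\) ($want): .*/\1/p" | sort -u)
    [ -n "$ips" ] || return 1
    set -- $ips
    [ "$#" -eq 1 ] || return 2
    printf '%s\n' "$1"
}

# Record IP $2 for MAC $1; return 0 only if it differs from the stored one.
ip_changed() {
    f="$STATE_DIR/$(printf '%s' "$1" | tr ':A-F' '_a-f')"
    [ -f "$f" ] && [ "$(cat "$f")" = "$2" ] && return 1
    mkdir -p "$STATE_DIR" && printf '%s\n' "$2" > "$f"
}

# Cron entry point, e.g.: mac2ip.sh 00:60:b0:4b:d3:c0 [more MACs...]
if [ "$#" -ge 1 ]; then
    rebuild=0
    for mac in "$@"; do
        if ip=$(arping -c 3 "$mac" 2>/dev/null | ip_for_mac "$mac"); then
            if ip_changed "$mac" "$ip"; then rebuild=1; fi
        else
            echo "mac2ip: $mac: no single answer, keeping old rules" >&2
        fi
    done
    # Regenerate the firewall configuration only when some IP moved.
    [ "$rebuild" -eq 0 ] || "$REGEN_CMD"
fi
```

The rule generator itself can read the current address for each MAC from the files under STATE_DIR.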