#!/bin/bash
declare gw=`route -n | grep -e '^0.0.0.0'`
declare gwn
ame=`echo $gw | grep -oe '\w*$'`
declare gwip=`echo $gw | grep -oe '[0-9]\{2,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'`
declare gwmac=`arp -n | grep -e $gwip | grep -oe '[0-9A-F]\{2\}:[0-9A-F]\{2\}:[0-9A-F]\{2\}:[0-9A-
F]\{2\}:[0-9A-F]\{2\}:[0-9A-F]\{2\}'`
echo "sw
ITch $gwname arp: $gwip - $gwmac to
static"
arp
-s $gwip $gwmac
echo "done, off arp reuqest
.."
if
config $gwname -arp
echo "all done."
之类的,好像不能防止arp攻击。 再一看arptables,立马想到了iptables,装上一看,果然,命令行都一模一样。 可是问题来了,保持本机不受arp攻击很
interface destination-U Unsolicited ARP mode to update neighbours' ARP caches. No replies are e
ected.
arping -U -I eth0 -s 192.168.1.1 192.168.1.255