Arp settings, Arpmatchenetsender, Arpquerynosenderip – D-Link DFL-2500 User Manual
Page 312: Arpsenderip, Unsolicitedarpreplies, Arprequests, Arpchanges, Staticarpchanges
13.4. ARP Settings
ARPMatchEnetSender
Determines if NetDefendOS will require the sender address at Ethernet level to comply with the
hardware address reported in the ARP data.
Default: DropLog
ARPQueryNoSenderIP
What to do with ARP queries that have a sender IP of 0.0.0.0. Such sender IPs are never valid in
responses, but network units that have not yet learned of their IP address sometimes ask ARP
questions with an "unspecified" sender IP.
Default: DropLog
ARPSenderIP
Determines if the IP sender address must comply with the rules in the Access section.
Default: Validate
UnsolicitedARPReplies
Determines how NetDefendOS will handle ARP replies that it has not asked for. According to the
ARP specification, the recipient should accept these. However, because this can facilitate hijacking
of local connections, it is not normally allowed.
Default: DropLog
ARPRequests
Determines if NetDefendOS will automatically add the data in ARP requests to its ARP table. The
ARP specification states that this should be done, but as this procedure can facilitate hijacking of
local connections, it is not normally allowed. Even if ARPRequests is set to "Drop", meaning that
the packet is discarded without being stored, NetDefendOS will, provided that other rules approve
the request, reply to it.
Default: Drop
ARPChanges
Determines how NetDefendOS will deal with situations where a received ARP reply or ARP request
would alter an existing item in the ARP table. Allowing this to take place may facilitate hijacking of
local connections. However, not allowing this may cause problems if, for example, a network
adapter is replaced, as NetDefendOS will not accept the new address until the previous ARP table
entry has timed out.
Default: AcceptLog
StaticARPChanges
Determines how NetDefendOS will handle situations where a received ARP reply or ARP request
would alter a static item in the ARP table. Of course, this is never allowed to happen. However, this
setting does allow you to specify whether or not such situations are to be logged.
Default: DropLog
13.4. ARP Settings
Chapter 13. Advanced Settings
312