http://sourceforge.net/projects/ebtables/files/arptables/
Tar xvzf arptables-v0.0.4.tar.gz
CD arptables-v0.0.4
Make
Make install
Command program
[[Email protected]~]# ls/usr/local/sbin/arptables*
/usr/local/sbin/arptables
/usr/local/sbin/arptables-restore
/usr/local/sbin/arptables-save
Startup scripts
/etc/rc.d/init.d/arptables
[Email protected] arptables-v0.0.4]# arptables-a input-i eth0--src-ip 172.16.1.254--src-mac! Cc:00:04:fc:00:00-j DROP
[Email protected] arptables-v0.0.4]# arptables-l-N
Chain INPUT (Policy ACCEPT)
-j drop-i eth0-s 172.16.1.254! --src-mac cc:00:04:fc:00:00
Chain OUTPUT (Policy ACCEPT)
Chain FORWARD (Policy ACCEPT)
[Email protected] arptables-v0.0.4]# Arptables-save
*filter
: INPUT ACCEPT
: OUTPUT ACCEPT
: FORWARD ACCEPT
-A input-j drop-i eth0-s 172.16.1.254! --src-mac cc:00:04:fc:00:00
[Email protected] arptables-v0.0.4]# Arptables-save>/etc/sysconfig/arptables
[[Email protected] arptables-v0.0.4]# service arptables start
Start ARP Filtering (arptables): [OK]
[[Email protected]~]# arptables-save
*filter
: INPUT ACCEPT
: OUTPUT ACCEPT
: FORWARD ACCEPT
-A input-j drop-i eth0-s 172.16.1.254! --src-mac cc:01:05:10:00:00
Arptables-save>/etc/sysconfig/arptables
This article is from the "Dance Flying" blog, please make sure to keep this source http://xiaofeixia.blog.51cto.com/521300/1567330
Use Arptables to block ARP spoofing under Linux-light dance