Re: [Ebtables-user] drop arp reply for LVS

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Monday 16 February 2004 23:14, Cahya Wirawan wrote:
> thanks for the hints, I tried it and it works with a normal interface,
> but I can't block traffic from/into loopback device.
> so if I have alias in loopback device with:
> ifconfig lo:1 192.168.0.2 broadcast 192.168.0.2 netmask 255.255.255.255
> arptables -A INPUT -i lo -j DROP
> arptables -A OUTPUT -o lo -j DROP
>
> I can still ping 192.168.0.2 from another computer.

You need to use -i ethx, not -i lo. This should work:
arptables -A INPUT -i eth0 -d 192.168.0.2 -j DROP

cheers,
Bart