* The proper way to protect against ARP poisoning is with controls on
your switches preventing it from occurring.
* Static ARP is impractical and ineffective in this circumstance (and
most others for that matter).
Chris, I respect and agree with what you said but,
What I don't understand is. where m0n0wall keep the files I upload?
* If someone wants to ARP poison that network, this won't stop anyone
from poisoning the client PCs,
* and you aren't going to be able to maintain static ARP on every PC.
Hence you can't truly deploy static ARP
I am using software to provide static arp entry on the client PCs
Not all of them but most. Now I need to protect the m0n0wall it self
From being spoofed.
And so there are worms and viruses that use arp.
Yes It is really a major headache to maintain.
I did not try building my own image, as m0n0wall almost fit.
But I wish to have this feature in next m0n0wall beta image.