diff options
| author | Yaroslav Tykhiy <ytykhiy@gmail.com> | 2005-10-03 01:47:43 +0000 |
|---|---|---|
| committer | Yaroslav Tykhiy <ytykhiy@gmail.com> | 2005-10-03 01:47:43 +0000 |
| commit | 7aebc5e86e09fa082b50a3ae4e8f2733b02e35c6 (patch) | |
| tree | fe985399329ae4e20989877f4657a8522c218a9e /sys/net/if.c | |
| parent | 5032ff8197ca16c71be7befb4a3e32282831dee6 (diff) | |
| download | src-7aebc5e86e09fa082b50a3ae4e8f2733b02e35c6.tar.gz src-7aebc5e86e09fa082b50a3ae4e8f2733b02e35c6.zip | |
Log a message about entering or leaving permanently promiscuous mode,
as it is done for usual promiscuous mode already. This info is important
because promiscuous mode in the hands of a malicious party can jeopardize
the whole network.
Notes
Notes:
svn path=/head/; revision=150844
Diffstat (limited to 'sys/net/if.c')
| -rw-r--r-- | sys/net/if.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index b5c829580e49..bc51abea2138 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1266,14 +1266,18 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) if_up(ifp); splx(s); } + /* See if permanently promiscuous mode bit is about to flip */ + if ((ifp->if_flags ^ new_flags) & IFF_PPROMISC) { + if (new_flags & IFF_PPROMISC) + ifp->if_flags |= IFF_PROMISC; + else if (ifp->if_pcount == 0) + ifp->if_flags &= ~IFF_PROMISC; + log(LOG_INFO, "%s: permanently promiscuous mode %s\n", + ifp->if_xname, + (new_flags & IFF_PPROMISC) ? "enabled" : "disabled"); + } ifp->if_flags = (ifp->if_flags & IFF_CANTCHANGE) | (new_flags &~ IFF_CANTCHANGE); - if (new_flags & IFF_PPROMISC) { - /* Permanently promiscuous mode requested */ - ifp->if_flags |= IFF_PROMISC; - } else if (ifp->if_pcount == 0) { - ifp->if_flags &= ~IFF_PROMISC; - } if (ifp->if_ioctl) { IFF_LOCKGIANT(ifp); (void) (*ifp->if_ioctl)(ifp, cmd, data); |