diff options
| -rw-r--r-- | sys/netinet/if_ether.c | 17 | ||||
| -rw-r--r-- | usr.sbin/arp/arp.4 | 9 |
2 files changed, 19 insertions, 7 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index 23ee42992feb..28f7d440e8e6 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -570,6 +570,7 @@ arpintr(struct mbuf *m) */ static int log_arp_wrong_iface = 1; static int log_arp_movements = 1; +static int log_arp_permanent_modify = 1; SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW, &log_arp_wrong_iface, 0, @@ -577,6 +578,9 @@ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW, SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW, &log_arp_movements, 0, "log arp replies from MACs different than the one in the cache"); +SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW, + &log_arp_permanent_modify, 0, + "log arp replies from MACs different than the one in the permanent arp entry"); static void @@ -721,12 +725,13 @@ match: ifp->if_addrlen, (u_char *)ar_sha(ah), ":", ifp->if_xname); } else { - log(LOG_ERR, - "arp: %*D attempts to modify permanent entry for %s on %s\n", - ifp->if_addrlen, (u_char *)ar_sha(ah), ":", - inet_ntoa(isaddr), ifp->if_xname); - RT_UNLOCK(rt); - goto reply; + RT_UNLOCK(rt); + if (log_arp_permanent_modify) + log(LOG_ERR, "arp: %*D attempts to modify " + "permanent entry for %s on %s\n", + ifp->if_addrlen, (u_char *)ar_sha(ah), ":", + inet_ntoa(isaddr), ifp->if_xname); + goto reply; } } /* diff --git a/usr.sbin/arp/arp.4 b/usr.sbin/arp/arp.4 index ddc0471fea69..04270005f925 100644 --- a/usr.sbin/arp/arp.4 +++ b/usr.sbin/arp/arp.4 @@ -28,7 +28,7 @@ .\" @(#)arp4.4 6.5 (Berkeley) 4/18/94 .\" $FreeBSD$ .\" -.Dd November 24, 2005 +.Dd December 18, 2005 .Dt ARP 4 .Os .Sh NAME @@ -169,6 +169,13 @@ to if1. This message can only be issued if the sysctl .Va net.link.ether.inet.log_arp_wrong_iface is set to 1, which is the system's default behaviour. +.Pp +.Em "arp: %x:%x:%x:%x:%x:%x attempts to modify permanent entry for %d.%d.%d.%d on %s" : +ARP has received an ARP reply that attempts to overwrite a permanent +antry in the local ARP table. +This error will be only logged, if the sysctl +.Va net.link.ether.inet.log_arp_permanent_modify +is set to 1, which is the system's default behaviour. .Sh SEE ALSO .Xr inet 4 , .Xr route 4 , |