Add a knob to suppress logging of attempts to modify

permanent ARP entries. Submitted by: Andrew Alcheyev <buddy telenet.ru>
2005-12-18 19:11:56 +00:00 · 2005-12-18 19:11:56 +00:00 · cfbe2fd3f7
commit cfbe2fd3f7
parent 175e16aa4d
2 changed files with 19 additions and 7 deletions
--- a/sys/netinet/if_ether.c
+++ b/sys/netinet/if_ether.c
@ -570,6 +570,7 @@ arpintr(struct mbuf *m)
 */
 static int log_arp_wrong_iface = 1;
 static int log_arp_movements = 1;
+static int log_arp_permanent_modify = 1;

 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW,
 	&log_arp_wrong_iface, 0,
@ -577,6 +578,9 @@ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW,
 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW,
        &log_arp_movements, 0,
        "log arp replies from MACs different than the one in the cache");
+SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW,
+        &log_arp_permanent_modify, 0,
+        "log arp replies from MACs different than the one in the permanent arp entry");


 static void
@ -721,12 +725,13 @@ match:
 			    ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
 			    ifp->if_xname);
 		} else {
-		    log(LOG_ERR,
-			"arp: %*D attempts to modify permanent entry for %s on %s\n",
-			ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
-			inet_ntoa(isaddr), ifp->if_xname);
-		    RT_UNLOCK(rt);
-		    goto reply;
+			RT_UNLOCK(rt);
+			if (log_arp_permanent_modify)
+				log(LOG_ERR, "arp: %*D attempts to modify "
+				    "permanent entry for %s on %s\n",
+				    ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
+				    inet_ntoa(isaddr), ifp->if_xname);
+			goto reply;
 		}
 	}
 	/*
--- a/usr.sbin/arp/arp.4
+++ b/usr.sbin/arp/arp.4
@ -28,7 +28,7 @@
 .\"	@(#)arp4.4	6.5 (Berkeley) 4/18/94
 .\" $FreeBSD$
 .\"
-.Dd November 24, 2005
+.Dd December 18, 2005
 .Dt ARP 4
 .Os
 .Sh NAME
@ -169,6 +169,13 @@ to if1.
 This message can only be issued if the sysctl
 .Va net.link.ether.inet.log_arp_wrong_iface
 is set to 1, which is the system's default behaviour.
+.Pp
+.Em "arp: %x:%x:%x:%x:%x:%x attempts to modify permanent entry for %d.%d.%d.%d on %s" :
+ARP has received an ARP reply that attempts to overwrite a permanent
+antry in the local ARP table.
+This error will be only logged, if the sysctl
+.Va net.link.ether.inet.log_arp_permanent_modify
+is set to 1, which is the system's default behaviour.
 .Sh SEE ALSO
 .Xr inet 4 ,
 .Xr route 4 ,