From dd9b6dde8905fd5798dde8784750c025f526c91e Mon Sep 17 00:00:00 2001 From: Bill Fenner Date: Thu, 17 Sep 1998 00:04:21 +0000 Subject: [PATCH] Prevent modification of permanent ARP entries (PR kern/7649) Ignore ARP replies from the wrong interface (discussion on mailing list) Add interface name to a couple of error messages --- sys/netinet/if_ether.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index c3115ed62c21..ac8d86db643a 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 - * $Id: if_ether.c,v 1.46 1998/06/07 17:12:12 dfr Exp $ + * $Id: if_ether.c,v 1.47 1998/06/12 03:48:14 julian Exp $ */ /* @@ -494,11 +494,28 @@ in_arpinput(m) } la = arplookup(isaddr.s_addr, itaddr.s_addr == myaddr.s_addr, 0); if (la && (rt = la->la_rt) && (sdl = SDL(rt->rt_gateway))) { + if (rt->rt_ifp != &ac->ac_if) { + log(LOG_ERR, "arp: %s is on %s%d but got reply from %6D on %s%d\n", + inet_ntoa(isaddr), + rt->rt_ifp->if_name, rt->rt_ifp->if_unit, + ea->arp_sha, ":", + ac->ac_if.if_name, ac->ac_if.if_unit); + goto reply; + } if (sdl->sdl_alen && bcmp((caddr_t)ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) - log(LOG_INFO, "arp: %s moved from %6D to %6D\n", - inet_ntoa(isaddr), (u_char *)LLADDR(sdl), ":", - ea->arp_sha, ":"); + if (rt->rt_expire) + log(LOG_INFO, "arp: %s moved from %6D to %6D on %s%d\n", + inet_ntoa(isaddr), (u_char *)LLADDR(sdl), ":", + ea->arp_sha, ":", + ac->ac_if.if_name, ac->ac_if.if_unit); + else { + log(LOG_ERR, + "arp: %6D attempts to modify permanent entry for %s on %s%d", + ea->arp_sha, ":", inet_ntoa(isaddr), + ac->ac_if.if_name, ac->ac_if.if_unit); + goto reply; + } (void)memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); sdl->sdl_alen = sizeof(ea->arp_sha); if (rt->rt_expire)