From owner-freebsd-hackers Mon Aug 12 13: 7: 5 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7994737B400 for ; Mon, 12 Aug 2002 13:07:01 -0700 (PDT) Received: from carver.gumbysoft.com (carver.gumbysoft.com [66.220.23.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4B23343E7B for ; Mon, 12 Aug 2002 13:06:58 -0700 (PDT) (envelope-from dwhite@gumbysoft.com) Received: by carver.gumbysoft.com (Postfix, from userid 1000) id 8776E72FC5; Mon, 12 Aug 2002 13:03:50 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by carver.gumbysoft.com (Postfix) with ESMTP id 840EA72D9E; Mon, 12 Aug 2002 13:03:50 -0700 (PDT) Date: Mon, 12 Aug 2002 13:03:50 -0700 (PDT) From: Doug White To: Sean Hamilton Cc: hackers@freebsd.org Subject: Re: arplookup: host is not on local network In-Reply-To: <001f01c2418a$bc174890$f019e8d8@slugabed.org> Message-ID: <20020812130248.W45923-100000@carver.gumbysoft.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 11 Aug 2002, Sean Hamilton wrote: > From: "Doug White" > > You should check that your network configuration is correct first, then > > use tcpdump to locate the offender and report them to your provider. They > > can ask the owner of said machine politely to install the patches or set > > /proc flags to disable that behavior. You can, of course, comment out the > > Which /proc flags? Indeed it is a linux box, the firewall, which I have > access to. My coworker, the administrator of this box, has simply turned a > blind eye to this, on the grounds that it's not actually causing problems, > just noise... but if it's a simple tweak, I'm sure he could be bribed with > caffeine or somesuch. I don't recall, its under /proc/sys/net most likely ... you can google for it. > > printfs, or hide it behind log_arp_wrong_iface which is controlled by the > > sysctl net.link.ether.inet.log_arp_wrong_iface. The file you want to > > modify in that case is src/sys/netinet/if_ether.c. > > Thanks, looks like that sysctl is what I've been looking for. Though you > seem to indicate I would have to modify the kernel to achieve this, it seems > to be that way already -- perhaps a recent thing? Regardless, I find it > somewhat surprising my googling didn't point me in this direction. log_arp_wrong_iface was in 4.5 I think, but you do need to do a minor hack to put an if(){} block around the offending printf. -- Doug White | FreeBSD: The Power to Serve dwhite@gumbysoft.com | www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message