From owner-freebsd-net@freebsd.org Mon May 9 15:16:36 2016 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1B782B3463C for ; Mon, 9 May 2016 15:16:36 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-lf0-x234.google.com (mail-lf0-x234.google.com [IPv6:2a00:1450:4010:c07::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9EFA5104F for ; Mon, 9 May 2016 15:16:34 +0000 (UTC) (envelope-from ml@my.gd) Received: by mail-lf0-x234.google.com with SMTP id m64so203470044lfd.1 for ; Mon, 09 May 2016 08:16:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=my-gd.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=Tyfzjm+80b06b+CczWuA5UJ8KKoxWvaKqHjxd7V5ITw=; b=LICWYnfSS8JEgyK/IyZGXgVe6HlyvlD8RhNe0/6sYpCCnRdO+Klno1LTS2IgITyJaK 2J3atS2rVOupcVxMfJr0KgDRr6zNPVIMjxcUjmNSBQ5UEqUexu/FItlTKDVmei3p7uWM BCB+ZkfP+bCApPJgAQpp/qDyduHbah/PRKEASvQMyvotGF1uGYfb/YFBV8y7w4NecyUf 5TYr2wi+moUHRE08e5ZVJqG2APDnZEyelMyet5fQgtoRDMAUOeSZNbvBcdy4ajkM06iX e0YG2vIjkQ8h/E0VYbdig7Sj1rotG9IL+s6iWZ1STSmdUeaUk7wcohHxTg6ZT4XZykTx 3wwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=Tyfzjm+80b06b+CczWuA5UJ8KKoxWvaKqHjxd7V5ITw=; b=QXSd+JiCWBp42olQ55nlwSHxv2p9c2l1EyAvYZl1ifRZRdK54CU57uWSj3tQYM8roT RRmJ+LhU09V/52VcsCrxOLEQI03KH0X88IZPnMbGQjA830KmSi11oCxYghht+t0i5T+f YlZOek40I7EcaBACS/KLceqTcqXXZNuKDSFycrgimH7WJU8QflEZCG55GiZKkBG8Fi6A mgp5+RuFaCH879d9VaDUDD2mLWEaF3iy8oklljk4pYLMJdWXCUIrOUF2ys5Tk//rMyBx vz1ZLT8cJdYQ6KgW6wpRsKdGU8stPC93Xpaagl5+eBbzXWiPVuQ9f9DKRn1AEOyDk4Jz wpCA== X-Gm-Message-State: AOPr4FXXVra3TrXp0AftKHfF1mM6pDPg3d9VDjI14t5YSu54lKsnoWqdEFrZV9J+kO7ryfE6o1PBUsTTgOTXZQ== MIME-Version: 1.0 X-Received: by 10.112.43.168 with SMTP id x8mr14988660lbl.132.1462806992378; Mon, 09 May 2016 08:16:32 -0700 (PDT) Received: by 10.112.54.226 with HTTP; Mon, 9 May 2016 08:16:32 -0700 (PDT) In-Reply-To: References: <52FB7430-BC4D-4157-94FB-4245BA1C3066@van-laarhoven.org> Date: Mon, 9 May 2016 17:16:32 +0200 Message-ID: Subject: Re: PR 166255 - disable promiscuous mode warning via sysctl From: Damien Fleuriot To: Nick Hibma Cc: "freebsd-net@freebsd.org" , Eitan Adler Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.22 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 May 2016 15:16:36 -0000 On 9 May 2016 at 15:56, Eitan Adler wrote: > On 9 May 2016 at 02:02, Nick Hibma wrote: > > Folks, > > > > In PR 166255 [1] it is suggested to allow disabling =E2=80=98promiscuo= us mode > enabled=E2=80=99 warnings. It adds a sysctl to allow toggling this behavi= our. I > have a number of questions before I commit the patch: > > I don't any concern with a sysctl, but I wonder if some better ore > more generic mechanism could be built (like syslog.conf). > > > Hello Nick, Eitan, @Nick WRT security, I have to agree with borjam's comment [1] about making this a loader-time tunable. WRT different values, I would think it a shore to implement "warn again after X minutes". Certainly for the needs referenced by PR 166255, this would be overkill. @Eitan The problem with adjusting this at syslog (or rsyslog)'s level is that you effectively generate the message, then have to expand even more work to actually suppress it, making your machine work twice for no reason. [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D166255#c6