From owner-freebsd-security@FreeBSD.ORG Wed Sep 24 10:04:59 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5E69216A4C0 for ; Wed, 24 Sep 2003 10:04:59 -0700 (PDT) Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F6504400D for ; Wed, 24 Sep 2003 10:04:53 -0700 (PDT) (envelope-from ru@sunbay.com) Received: from whale.sunbay.crimea.ua (ru@localhost [127.0.0.1]) h8OH4grX030640 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 24 Sep 2003 20:04:43 +0300 (EEST) (envelope-from ru@sunbay.com) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.12.9/8.12.8/Submit) id h8OH4gXA030639; Wed, 24 Sep 2003 20:04:42 +0300 (EEST) (envelope-from ru) Date: Wed, 24 Sep 2003 20:04:42 +0300 From: Ruslan Ermilov To: Michael Sierchio Message-ID: <20030924170442.GC23542@sunbay.com> References: <200309241429.h8OETrhk097904@freefall.freebsd.org> <3F71ADCA.7090408@tenebras.com> <20030924162111.GA23542@sunbay.com> <3F71C733.6070708@tenebras.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="mSxgbZZZvrAyzONB" Content-Disposition: inline In-Reply-To: <3F71C733.6070708@tenebras.com> User-Agent: Mutt/1.5.4i cc: security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:14.arp X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 17:04:59 -0000 --mSxgbZZZvrAyzONB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 24, 2003 at 09:32:51AM -0700, Michael Sierchio wrote: > Ruslan Ermilov wrote: >=20 > >I still have not committed the code that supports static ARP > >on an interface -- there's currently no way to do static ARP > >only, if you disable ARP on an interface it will be disabled > >in its whole. >=20 > It's clear to me that turning ARP off on wi0 on my machine > means no gratuitous arp will be xmitted, and no arp messages > will be responded to. It's also clear that the static arp > entries for the wireless LAN get entered into the table, and > that ARP continues to work on the wired section. >=20 > Are you saying I'm hallucinating? >=20 Right. But static ARP means something different. It means that the APR table is frozen, but system will still reply to ARP requests for its addresses, which is not done if IFF_NOARP flag is set on an interface. Cheers, --=20 Ruslan Ermilov Sysadmin and DBA, ru@sunbay.com Sunbay Software Ltd, ru@FreeBSD.org FreeBSD committer --mSxgbZZZvrAyzONB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE/cc6qUkv4P6juNwoRAumLAJ4jP4Oj/bQUZLiJf9tCB3spJoSakACcC83Y X+IUB//ksiSCgvDHC4rDDN0= =/kQg -----END PGP SIGNATURE----- --mSxgbZZZvrAyzONB--