Module Name: src Committed By: christos Date: Sat Aug 27 09:05:55 UTC 2011
Modified Files: src/sys/netinet: if_arp.c Log Message: Add 3 logging sysctls for arp from freebsd: 1. log_movements: do you want to log the arp overwritten message or not? 2. log_wrong_iface: do you want to log when an arp arrives at the wrong interface? 3. log_permanent_modify: do you want to log when an arp message attempts to overwrite a static entry? I did not call the sysctls log_arp like FreeBSD does, because we already have an arp sysctl level. The default is on for all three of them. To generate a diff of this commit: cvs rdiff -u -r1.151 -r1.152 src/sys/netinet/if_arp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/if_arp.c
diff -u src/sys/netinet/if_arp.c:1.151 src/sys/netinet/if_arp.c:1.152
--- src/sys/netinet/if_arp.c:1.151 Tue May 3 12:00:29 2011
+++ src/sys/netinet/if_arp.c Sat Aug 27 05:05:54 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: if_arp.c,v 1.151 2011/05/03 16:00:29 dyoung Exp $ */
+/* $NetBSD: if_arp.c,v 1.152 2011/08/27 09:05:54 christos Exp $ */
 /*-
 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.151 2011/05/03 16:00:29 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.152 2011/08/27 09:05:54 christos Exp $");
 #include "opt_ddb.h"
 #include "opt_inet.h"
@@ -191,6 +191,10 @@
 static int arp_drainwanted;
+static int log_movements = 1;
+static int log_permanent_modify = 1;
+static int log_wrong_iface = 1;
+
 /*
 * this should be elsewhere.
 */
@@ -1085,6 +1089,8 @@
 memcmp(ar_sha(ah), CLLADDR(sdl), sdl->sdl_alen)) {
 if (rt->rt_flags & RTF_STATIC) {
 ARP_STATINC(ARP_STAT_RCVOVERPERM);
+ if (!log_permanent_modify)
+ goto out;
 log(LOG_INFO,
 "%s tried to overwrite permanent arp info"
 " for %s\n",
@@ -1093,6 +1099,8 @@
 goto out;
 } else if (rt->rt_ifp != ifp) {
 ARP_STATINC(ARP_STAT_RCVOVERINT);
+ if (!log_wrong_iface)
+ goto out;
 log(LOG_INFO,
 "%s on %s tried to overwrite "
 "arp info for %s on %s\n",
@@ -1102,10 +1110,12 @@
 goto out;
 } else {
 ARP_STATINC(ARP_STAT_RCVOVER);
- log(LOG_INFO,
- "arp info overwritten for %s by %s\n",
- in_fmtaddr(isaddr),
- lla_snprintf(ar_sha(ah), ah->ar_hln));
+ if (log_movements)
+ log(LOG_INFO, "arp info overwritten "
+ "for %s by %s\n",
+ in_fmtaddr(isaddr),
+ lla_snprintf(ar_sha(ah),
+ ah->ar_hln));
 }
 }
 /*
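Review bot: The three flags added in the `@@ -191` hunk carry no comment saying what they gate or that they can be changed at run time through the sysctl nodes created later in this commit. A short comment above them, for example `/* sysctl-tunable: non-zero enables the matching ARP overwrite log message */`, would cover it. Since these messages are what shows a host claiming an address already held by another MAC, it is also worth noting in that comment that the default of 1 is deliberate.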
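Review bot: In the `@@ -1085` hunk the added `if (!log_permanent_modify) goto out;` duplicates the `goto out;` that already closes this branch (it is the first context line of the next hunk), so the branch gets two exits for the same outcome. Writing it as `if (log_permanent_modify)` in front of the existing `log(...)` call, as the commit does for `log_movements`, keeps a single exit; the same applies to `log_wrong_iface` in the `@@ -1093` hunk. The `ARP_STATINC` calls stay ahead of the check, so the counters still record the attempt when the message is suppressed. A one-line comment saying so would help, because with logging off the counters are the only remaining trace of an attempt to overwrite a static entry. The enclosing function starts and ends outside these hunks.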
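Review bot: The new `if (log_movements)` in the `@@ -1102` hunk governs a `log()` call spread over five lines without braces, which is easy to break when another statement is later added to this else branch; brace the body. The switch is also all-or-nothing: when on, every frame that reaches this branch still emits a LOG_INFO line, so a host on the link can fill the log, and when off the message that shows a cached address changing MAC is lost entirely. If a rate limiter such as `ppsratecheck(9)` is acceptable here, it would keep the signal while bounding the volume; whether that fits depends on the rest of the function, which is outside the hunk.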
@@ -1641,21 +1651,21 @@
 sysctl_createv(clog, 0, NULL, NULL,
 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 CTLTYPE_INT, "prune",
- SYSCTL_DESCR("ARP cache pruning interval"),
+ SYSCTL_DESCR("ARP cache pruning interval in seconds"),
 NULL, 0, &arpt_prune, 0,
 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
 sysctl_createv(clog, 0, NULL, NULL,
 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 CTLTYPE_INT, "keep",
- SYSCTL_DESCR("Valid ARP entry lifetime"),
+ SYSCTL_DESCR("Valid ARP entry lifetime in seconds"),
 NULL, 0, &arpt_keep, 0,
 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
 sysctl_createv(clog, 0, NULL, NULL,
 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 CTLTYPE_INT, "down",
- SYSCTL_DESCR("Failed ARP entry lifetime"),
+ SYSCTL_DESCR("Failed ARP entry lifetime in seconds"),
 NULL, 0, &arpt_down, 0,
 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
@@ -1672,6 +1682,30 @@
 SYSCTL_DESCR("ARP statistics"),
 sysctl_net_inet_arp_stats, 0, NULL, 0,
 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
+
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "log_movements",
+ SYSCTL_DESCR("log ARP replies from MACs different than"
+ " the one in the cache"),
+ NULL, 0, &log_movements, 0,
+ CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
+
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "log_permanent_modify",
+ SYSCTL_DESCR("log ARP replies from MACs different than"
+ " the one in the permanent arp entry"),
+ NULL, 0, &log_permanent_modify, 0,
+ CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
+
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "log_wrong_iface",
+ SYSCTL_DESCR("log ARP packets arriving on the wrong"
+ " interface"),
+ NULL, 0, &log_wrong_iface, 0,
+ CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
 }
 #endif /* INET */
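Review bot: The three nodes added in the `@@ -1672` hunk are read-write `CTLTYPE_INT` with no handler function (the `NULL` after the description), so any integer is accepted although the code only tests for zero, and none of the descriptions say which value disables the message. State the convention in each description, for example `SYSCTL_DESCR("log attempts to overwrite a permanent ARP entry (0 disables)")`. The return values of these `sysctl_createv` calls are also ignored, as in the existing calls above them, so a failed creation leaves the flag fixed at its default with no indication. Because clearing these flags silences the kernel messages that reveal ARP cache overwrite attempts, changes to them are worth tracking in whatever configuration auditing the system has.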