kern/166255: [net] [patch] It should be possible to disable
"promiscuous mode enabled" messages
Eugene Grosbein
eugen at grosbein.net
Mon Mar 19 21:00:40 UTC 2012
>Number: 166255
>Category: kern
>Synopsis: [net] [patch] It should be possible to disable "promiscuous mode enabled" messages
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 19 21:00:27 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 8.3-PRERELEASE amd64
>Organization:
RDTC JSC
>Environment:
System: FreeBSD grosbein.pp.ru 8.3-PRERELEASE FreeBSD 8.3-PRERELEASE #17: Tue Mar 20 01:42:57 NOVT 2012 root at grosbein.pp.ru:/usr/local/obj/usr/local/src/sys/DADV amd64
>Description:
We run a large network providing local users with Internet access
using DHCP service. While we block malicious DHCP servers in our net
using switches' layer 2 ACLs, configuration errors sometimes happen.
So, we also run a network monitoring server based on FreeBSD
that periodically sends DHCP requests and waits for answers
to detect malicious DHCP servers and warn us timely.
We use net-mgmt/dhcdrop to perform this task. dhcdrop utilizes BPF
and puts each of several thousand vlan interfaces into promiscuous mode
at start and takes it back out at finish. This cycle runs several times
per minute, producing tons of LOG_NOTICE kernel messages:
vlan1: promiscuous mode enabled
vlan2: promiscuous mode enabled
...
vlan1: promiscuous mode disabled
vlan2: promiscuous mode disabled
And so on. The server is diskless so it fills RAM-based /var/log
with these messages and floods our remote syslog collector.
It is not possible to filter those messages out
by means of syslog.conf alone.
It should be possible to disable these messages in setups like ours
where they are excessive.
>How-To-Repeat:
See above.
>Fix:
The following patch introduces a new sysctl named
net.link.log_promisc_mode_change with default value 1.
One may change it to 0 to disable the mentioned warnings.
--- sys/net/if.c.orig 2012-03-20 03:13:12.000000000 +0700
+++ sys/net/if.c 2012-03-20 03:22:10.000000000 +0700
@@ -120,6 +120,12 @@
&ifdescr_maxlen, 0,
"administrative maximum length for interface description");
+static int log_promisc_mode_change = 1;
+
+SYSCTL_INT(_net_link, OID_AUTO, log_promisc_mode_change, CTLFLAG_RW,
+ &log_promisc_mode_change, 1,
+ "log promiscuous mode change events");
+
MALLOC_DEFINE(M_IFDESCR, "ifdescr", "ifnet descriptions");
/* global sx for non-critical path ifdescr */
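Review bot: the value argument of the new SYSCTL_INT() is 1, but with a non-NULL pointer that argument is not used; the default of 1 comes from the static initializer, so pass 0 here as the ifdescr_maxlen entry just above does. Because this knob turns off a message that administrators use to notice packet capture on an interface, it should also be documented alongside the other net.link sysctls, and the description string could say that 0 suppresses the log lines.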
@@ -2240,7 +2246,8 @@
ifp->if_flags |= IFF_PROMISC;
else if (ifp->if_pcount == 0)
ifp->if_flags &= ~IFF_PROMISC;
- log(LOG_INFO, "%s: permanently promiscuous mode %s\n",
+ if (log_promisc_mode_change)
+ log(LOG_INFO, "%s: permanently promiscuous mode %s\n",
ifp->if_xname,
(new_flags & IFF_PPROMISC) ? "enabled" : "disabled");
}
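Review bot: gating the "permanently promiscuous mode" message on log_promisc_mode_change goes beyond what the report needs. The flood described comes from BPF consumers toggling promiscuous mode, which produces the plain "promiscuous mode enabled/disabled" lines; the IFF_PPROMISC change is an explicit administrative action and is rare. Suggest leaving this log() call unconditional so a permanent switch to promiscuous mode is still recorded when the sysctl is 0.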
@@ -2770,7 +2777,8 @@
error = if_setflag(ifp, IFF_PROMISC, IFF_PPROMISC,
&ifp->if_pcount, pswitch);
/* If promiscuous mode status has changed, log a message */
- if (error == 0 && ((ifp->if_flags ^ oldflags) & IFF_PROMISC))
+ if (error == 0 && log_promisc_mode_change &&
+ ((ifp->if_flags ^ oldflags) & IFF_PROMISC))
log(LOG_INFO, "%s: promiscuous mode %s\n",
ifp->if_xname,
(ifp->if_flags & IFF_PROMISC) ? "enabled" : "disabled");
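Review bot: the added log_promisc_mode_change test in the condition is a single global, so setting it to 0 to quiet the vlan interfaces also drops the enabled/disabled record for every other interface on the host. Consider a per-interface control or rate limiting the message instead of an all-or-nothing switch. The comment above the condition ("If promiscuous mode status has changed, log a message") should also be updated to mention that the sysctl can suppress the message.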
>Release-Note:
>Audit-Trail:
>Unformatted: