FreeBSD Security Advisory FreeBSD-SA-03:14.arp
Ruslan Ermilov
ru at freebsd.org
Wed Sep 24 10:04:59 PDT 2003
On Wed, Sep 24, 2003 at 09:32:51AM -0700, Michael Sierchio wrote:
> Ruslan Ermilov wrote:
>
> >I still have not committed the code that supports static ARP
> >on an interface -- there's currently no way to do static ARP
> >only, if you disable ARP on an interface it will be disabled
> >in its whole.
>
> It's clear to me that turning ARP off on wi0 on my machine
> means no gratuitous arp will be xmitted, and no arp messages
> will be responded to. It's also clear that the static arp
> entries for the wireless LAN get entered into the table, and
> that ARP continues to work on the wired section.
>
> Are you saying I'm hallucinating?
>
Right. But static ARP means something different. It means
that the APR table is frozen, but system will still reply
to ARP requests for its addresses, which is not done if
IFF_NOARP flag is set on an interface.
Cheers,
--
Ruslan Ermilov Sysadmin and DBA,
ru at sunbay.com Sunbay Software Ltd,
ru at FreeBSD.org FreeBSD committer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030924/2bac0a06/attachment.bin
More information about the freebsd-security
mailing list