Date: Wed, 02 Jan 2008 21:55:56 +0100 From: Hartmut Brandt <hartmut.brandt@dlr.de> To: d@delphij.net Cc: FreeBSD Current <freebsd-current@freebsd.org>, freebsd-rc@FreeBSD.org Subject: Re: [RFC] rc.d script for binding static arp pairs and logging options Message-ID: <477BFA5C.60602@dlr.de> In-Reply-To: <477BE583.6080202@delphij.net> References: <477BE583.6080202@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin LI wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > Here is a rc.d script that I use on my own server, which provides two > functionalities: > > - Bind ARP pairs specified in rc.conf (*); Not having looked at the actual scripts just a comment: while the ARP and the routing tables are still unified, static arp entries can be done with the normal static_routes rc stuff. As far as I know this is going to change, so your script will be needed sooner or later. The functionality is needed for sure. harti > - Set ARP logging options (+). > > * Similar to routing settings, one need to set up some sort of "ARP > pairs" like this: > > static_arp_pairs="gw" > arp_gw="172.16.1.1 00:1c:58:6a:7b:49" > > + By setting one or more of the following options to "NO" it would set > appropriate sysctl for arp logging settings to zero to disable logging: > > log_arp_permanent_modify > log_arp_movements > log_arp_wrong_iface > > This script could be useful for those who use FreeBSD in a > uncontrollable network (i.e. your network administrator does not care > about viruses that attacks the network with fake ARP broadcasts). > > I wonder whether this script would be useful for general consumption? > Other comments are also welcome :-) > > Cheers, > - -- > Xin LI <delphij@delphij.net> http://www.delphij.net/ > FreeBSD - The Power to Serve! > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.4 (FreeBSD) > > iD8DBQFHe+WCi+vbBBjt66ARAvA/AJ9zv5Wtif9DPgDPT89ZOOoueu+w9gCeK3gY > 4GEETsKg53j19QLFd3IZKkc= > =rLKv > -----END PGP SIGNATURE----- > > > ------------------------------------------------------------------------ > > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?477BFA5C.60602>