Date: Tue, 20 Mar 2012 03:46:31 +0700 (NOVT)
From: Eugene Grosbein <eugen@grosbein.net>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: kern/166255: [net] [patch] It should be possible to disable "promiscuous mode enabled" messages
Message-ID: <201203192046.q2JKkVE9003876@grosbein.pp.ru>
Resent-Message-ID: <201203192100.q2JL0SBX084365@freefall.freebsd.org>
>Number: 166255
>Category: kern
>Synopsis: [net] [patch] It should be possible to disable "promiscuous mode enabled" messages
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 19 21:00:27 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 8.3-PRERELEASE amd64
>Organization: RDTC JSC
>Environment:
System: FreeBSD grosbein.pp.ru 8.3-PRERELEASE FreeBSD 8.3-PRERELEASE #17: Tue Mar 20 01:42:57 NOVT 2012 root@grosbein.pp.ru:/usr/local/obj/usr/local/src/sys/DADV amd64

>Description:
We run a large network providing local users with Internet access using DHCP service. While we block malicious DHCP servers in our net using switches' layer 2 ACLs, configuration errors sometimes happen. So, we also run a network monitoring server based on FreeBSD that periodically sends DHCP requests and waits for answers to detect malicious DHCP servers and warn us in a timely manner. We use net-mgmt/dhcdrop to perform this task.

dhcdrop utilizes BPF and puts each of several thousand vlan interfaces into promiscuous mode at start and takes it back at finish. This cycle runs several times per minute, producing tons of LOG_NOTICE kernel messages:

vlan1: promiscuous mode enabled
vlan2: promiscuous mode enabled
...
vlan1: promiscuous mode disabled
vlan2: promiscuous mode disabled

And so on. The server is diskless, so it fills the RAM-based /var/log with these messages and floods our remote syslog collector. It is not possible to filter those messages out by means of syslog.conf only.

It should be possible to disable these messages in setups like ours where they are excessive.

>How-To-Repeat:
See above.

>Fix:
The following patch introduces a new sysctl named net.link.log_promisc_mode_change with a default value of 1. One may change it to 0 to disable the mentioned warnings.
--- sys/net/if.c.orig 2012-03-20 03:13:12.000000000 +0700 +++ sys/net/if.c 2012-03-20 03:22:10.000000000 +0700 @@ -120,6 +120,12 @@ &ifdescr_maxlen, 0, "administrative maximum length for interface description"); +static int log_promisc_mode_change = 1; + +SYSCTL_INT(_net_link, OID_AUTO, log_promisc_mode_change, CTLFLAG_RW, + &log_promisc_mode_change, 1, + "log promiscuous mode change events"); + MALLOC_DEFINE(M_IFDESCR, "ifdescr", "ifnet descriptions"); /* global sx for non-critical path ifdescr */ @@ -2240,7 +2246,8 @@ ifp->if_flags |= IFF_PROMISC; else if (ifp->if_pcount == 0) ifp->if_flags &= ~IFF_PROMISC; - log(LOG_INFO, "%s: permanently promiscuous mode %s\n", + if (log_promisc_mode_change) + log(LOG_INFO, "%s: permanently promiscuous mode %s\n", ifp->if_xname, (new_flags & IFF_PPROMISC) ? "enabled" : "disabled"); } @@ -2770,7 +2777,8 @@ error = if_setflag(ifp, IFF_PROMISC, IFF_PPROMISC, &ifp->if_pcount, pswitch); /* If promiscuous mode status has changed, log a message */ - if (error == 0 && ((ifp->if_flags ^ oldflags) & IFF_PROMISC)) + if (error == 0 && log_promisc_mode_change && + ((ifp->if_flags ^ oldflags) & IFF_PROMISC)) log(LOG_INFO, "%s: promiscuous mode %s\n", ifp->if_xname, (ifp->if_flags & IFF_PROMISC) ? "enabled" : "disabled"); >Release-Note: >Audit-Trail: >Unformatted:
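Review bot: In the first hunk (@@ -120,6 +120,12) the added SYSCTL_INT passes 1 as the value argument after `&log_promisc_mode_change`, while the context line just above it passes `&ifdescr_maxlen, 0,`. The default already comes from the initializer `static int log_promisc_mode_change = 1;`, so pass 0 here to match the surrounding declaration. The description string "log promiscuous mode change events" could also state that 0 suppresses the messages.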
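Review bot: In the second hunk (@@ -2240,7 +2246,8) the new `if (log_promisc_mode_change)` also silences the "permanently promiscuous mode" message, which is not one of the messages the report quotes as flooding the log; those read "promiscuous mode enabled" and "promiscuous mode disabled" and correspond to the third hunk. Consider leaving this log() call unconditional so that a change of IFF_PPROMISC is still recorded. If the guard stays, the unchanged continuation lines starting at `ifp->if_xname,` need re-indenting under the moved log() call.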
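Review bot: In the third hunk (@@ -2770,7 +2777,8) the added `log_promisc_mode_change` test is a single global flag, so setting it to 0 drops the "promiscuous mode enabled" record for every interface on the host, not only for the vlan interfaces that produce the noise described in the report. A per-interface switch or rate limiting of this log() call would keep the message for the remaining interfaces. The comment `/* If promiscuous mode status has changed, log a message */` above the condition should also mention the sysctl.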