arp(8) usually disallows adding a static ARP entry for an IP address
which is not configured on a local interface.
Change this to allow such ARP entries to be added if '-i' is provided to
specify the interface the ARP entry relates to.
Due to limitations in the kernel lltable, this still requires that a
host route exists for the target address, but allows static ARP entries
to be configured to proxy ARP for, e.g., local jails which use an IPv4
address with a /32 route.
Reviewed by: imp, zlei
Pull Request: https://github.com/freebsd/freebsd-src/pull/1220
The arp.8 manpage documents 'arp -d <addr> pub', but the 'pub' flag is
not accepted by the arp command. Remove this incorrect documentation.
Reviewed by: imp, gleb, mp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1215
When setting a permanent ARP entry, the route(4) would use
rtm->rtm_rmx.rmx_expire == 0 as a flag for installing a static entry, but
netlink(4) is looking for explicit NTF_STICKY flag in the request. The
arp(8) utility was adopted to use netlink(4) by default, but it has lots
of route-era guts internally. Specifically there is global variable 'opts'
that shares configuration for both protocols, and it is still initialized
with route(4) specific RTF_xxx flags. In set_nl() these flags are
translated to netlink(4) parameters. However, RTF_STATIC is a flag that is
never set by default, so attempt to use it as a proxy flag manifesting
-s/-S results in losing it. Use zero opts.expire_time as a manifest of
-s/-S operation. This is a minimal fix. A better one would be to fully
get rid of route(4) legacy.
The change also corrects the logic to set NUD_PERMANENT flag for
consistency. This flag is ignored by our kernel (now).
Reviewed by: melifaro, tuexen, emaste
PR: 277063
Fixes: 6ad73dbf65
Differential Revision: https://reviews.freebsd.org/D43983
We've ifdef'd out the copyright strings for some time now. Go ahead and
remove the ifdefs. Plus whatever other detritis was left over from other
recent removals. These copyright strings are present in the comments and
are largely from CSRG's attempt at adding their copyright to every
binary file (which modern interpretations of the license doesn't
require).
Sponsored by: Netflix
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
If a request ends up growing beyong the initially allocated space the
netlink functions (such as snl_add_msg_attr_u32()) will allocate a
new buffer. This invalidates the header pointer we can have received
from snl_create_msg_request(). Always use the hdr returned by
snl_finalize_msg().
Reviewed by: melifaro
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42223
arp(8) has traditionally supported filtering by interface via -i and
by hostname. However, this functionality was omitted from the initial
netlink-ification of arp. This patch re-introduces this filtering
functionality.
This patch also improves by-interface filtering by storing and using the
ifindex of the requested interface for filtering instead of comparing
interface name strings
Reviewed by: melifaro
Sponsored by: Rubicon Communications, LLC ("Netgate")
In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dead2.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/735
The change is intended to be fully transparent to the users.
Similarly to route(8) and netstat(8), arp can be build without
netlink by defining WITHOUT_NETLINK in make.conf.
Differential Revision: https://reviews.freebsd.org/D39720
The original code had used a fixed-size buffer for ioctl(SIOCGIFCONF),
that might cause the target ifreq spilled from the buffer. Use the handy
getifaddrs(3) to fix the problem.
Reviewed by: glebius
Differential revision: https://reviews.freebsd.org/D35536
Changes in the 2fe5a79425 moved dst sockaddr masking from the
routing control plane to the rtsock code.
It broke arp/ndp deletion.
It turns out, arp/ndp perform RTM_GET request first to get an
interface index necessary for the deletion.
Then they simply stamp the reply with RTF_LLDATA and set the
command to RTM_DELETE.
As a result, kernel receives request with non-empty RTA_NETMASK
and clears RTA_DST host bits before passing the message to the
lla code.
De facto, the only needed bits are RTA_DST, RTA_GATEWAY and the
subset of rtm_flags.
With that in mind, fix the interace by clearing RTA_NETMASK
for every messages with RTF_LLDATA.
While here, cleanup arp/ndp code a bit.
MFC after: 1 day
Reviewed by: gnn
Differential Revision: https://reviews.freebsd.org/D28804
Currently default behaviour is to keep only 1 packet per unresolved entry.
Ability to queue more than one packet was added 10 years ago, in r215207,
though the default value was kep intact.
Things have changed since that time. Systems tend to initiate multiple
connections at once for a variety of reasons.
For example, recent kern/252278 bug report describe happy-eyeball DNS
behaviour sending multiple requests to the DNS server.
The primary driver for upper value for the queue length determination is
memory consumption. Remote actors should not be able to easily exhaust
local memory by sending packets to unresolved arp/ND entries.
For now, bump value to 16 packets, to match Darwin implementation.
The proper approach would be to switch the limit to calculate memory
consumption instead of packet count and limit based on memory.
We should MFC this with a variation of D22447.
Reviewers: #manpages, #network, bz, emaste
Reviewed By: emaste, gbe(doc), jilles(doc)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D28068
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
messages before accessing message fields that may not be present,
removing dead/duplicate/misleading code along the way.
Document the message format for each routing socket message in
route.h.
Fix a bug in usr.bin/netstat introduced in r287351 that resulted in
pointer computation with essentially random 16-bit offsets and
dereferencing of the results.
Reviewed by: ae
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D10330
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
* 'blackhole' and 'reject' are mutually exclusive, replace printf() by errx()
when both are selected.
* 'trail' option is no longer supported since first import of arp from 4.4BSD.
XXX message was added 13 years ago in r128192. I believe it's time to remove
it.
* Use warnx() to print some informative messages instead of printf()
* Replace strncmp() by strcmp() when validating parameters and exit when invalid
parameter is found
Reviewed by: allanjude, vangyzen, cem
Approved by: allanjude
MFC after: 1 week
Sponsored by: Rubicon Communications (Netgate)
Differential Revision: https://reviews.freebsd.org/D9504
instead of old "ignore-and-return 0" in r287789. This broke arp -da /
ndp -cn behavior (they exit on rtsock command failure). Fix this by
translating LLE_IFADDR to RTM_PINNED flag, passing it to userland and
making arp/ndp ignore these entries in batched delete.
MFC after: 2 weeks
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
default from the very beginning. It was placed in wrong namespace
net.link.ether, originally it had been at another wrong namespace. It was
incorrectly documented at incorrect manual page arp(8). Since new-ARP commit,
the tunable have been consulted only on route addition, and ignored on route
deletion. Behaviour of a system with tunable turned off is not fully correct,
and has no advantages comparing to normal behavior.