Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: Andrew Brown <atatat@atatdot.net>
From: John Nemeth <jnemeth@victoria.tc.ca>
List: tech-security
Date: 01/09/2002 22:26:29
On Jun 1,  5:10pm, Andrew Brown wrote:
}
} >} netbsd, as i understand it, doesn't do proxy arp without the help of a
} >} small daemon, somewhat like rarpd.
} >
} >     Yes it does.  What do you think "arp -s ... ..." would do?  This
} >is the same mechanism that the "proxyarp" option of pppd would use.
} 
} it sets an ethernet <-> ip address mapping in the kernel's routing
} table.  and i can't add a mapping for an ip address that's not on my
} local network using arp(8).
} 
}  this# arp -s 1.2.3.4 00:50:04:68:c6:11
}  cannot intuit interface index and type for 1.2.3.4
}  this# 

     In this case, a better statement would be that you can't easily do
an arbitrary proxy arp from the command line.  You can create a proxy
arp for any address on a local interface.

} perhaps one can do such a thing using a "raw" routing socket, but i
} wouldn't expect it.

     Why not?  Assuming a "raw" routing lets you specify the interface,
you should be able to set proxyarp.

}-- End of excerpt from Andrew Brown