Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: Andrew Brown <atatat@atatdot.net>
From: John Nemeth <jnemeth@victoria.tc.ca>
List: tech-security
Date: 01/09/2002 22:26:29
On Jun 1, 5:10pm, Andrew Brown wrote:
}
} >} netbsd, as i understand it, doesn't do proxy arp without the help of a
} >} small daemon, somewhat like rarpd.
} >
} > Yes it does. What do you think "arp -s ... ..." would do? This
} >is the same mechanism that the "proxyarp" option of pppd would use.
}
} it sets an ethernet <-> ip address mapping in the kernel's routing
} table. and i can't add a mapping for an ip address that's not on my
} local network using arp(8).
}
} this# arp -s 1.2.3.4 00:50:04:68:c6:11
} cannot intuit interface index and type for 1.2.3.4
} this#
In this case, a better statement would be that you can't easily do
an arbitrary proxy arp from the command line. You can create a proxy
arp for any address on a local interface.
} perhaps one can do such a thing using a "raw" routing socket, but i
} wouldn't expect it.
Why not? Assuming a "raw" routing lets you specify the interface,
you should be able to set proxyarp.
}-- End of excerpt from Andrew Brown