ARP

[BIS]

Hello All,
This might be a very simple thing, but I'm a newby so please bear with me.
I have 4.5 box with two NICs. I keep getting errors like:
arp [ip] is on [if 0] but got reply from [mac] on [if 1]

I found this howto (

http://freebsdhowtos.com/102.html)

but it seems like the sysctl command is not recognized in 4.5. When I type "sysctl -w net.link.ether.init.log_arp_wrong_iface=0" I get the error that the "net.link.ether.init.log_arp_wrong_iface=0" is an unknown command. Any ideas?

 

[axvpaa]

howdy,
you have to be root to do that and also, can you check what's the securelevel on the kernel?
if it's 3 you have to lover the securelevel to do changes on the fly
$0.02
alex

 

[BIS]

Thanks for the reply axvpaa, but I was doing this as root. I also tried to put the line "net.link.ether.init.log_arp_wrong_iface=0" in the /etc/sysctl.conf file. After a reboot the same error appeared during boot-up. Am I being really stupid now?

 

[axvpaa]

hi
let me ask you again. what is kern.securelevel on your server?
tia
alex

 

[BIS]

oops, overlooked that one. In rc.conf I have kernel_secure_level_enable="NO" - would this be the cause? Could you also briefly explain why? Thanks, I really appreciate this

 

[TheGrey]

how about trying

sysctl -w net.link.ether.inet.log_arp_wrong_iface=0

instead?

Cheers!

 

[BIS]

But that is exactly what I was typing to start of with... I got the error that this was an unknown command. Actually it says "sysctl: unknown oid net.link.ether.inet.log_arp_wrong_iface"..I just realized that I have no clue what an oid is? Sorry for not being more specific.

 

[TheGrey]

you have consistently used this command here:

"sysctl -w net.link.ether.init.log_arp_wrong_iface=0"

so i thought that you maybe had a typo in your shell command as well.

 

[BIS]

TheGrey,
I must be going blind. Mind you I have stared and looked at this command quite a few times today. If you see a typo could you please point it out to me? Many thanks, and my apologies for not seeing the obvious.

 

[TheGrey]

sysctl -w net.link.ether.inet.log_arp_wrong_iface=0
sysctl -w net.link.ether.init.log_arp_wrong_iface=0

inet/init

 

[BIS]

Arh...........Godalmighty how stupid.
Thanks, and sorry for wasting everybodys time.

 

[axvpaa]

hi,

http://draenor.org/securebsd/secure.pdf

something to read about security on FreeBSD. reason that i asked for the securelevel is :
if kern.securelevel=3 you can't make changes on the fly with sysctrl ( command line).

su-2.05a# sysctl -w net.link.ether.inet.log_arp_wrong_iface=0
net.link.ether.inet.log_arp_wrong_iface: 1 -> 0
su-2.05a# sysctl -w net.link.ether.inet.log_arp_wrong_iface=1
net.link.ether.inet.log_arp_wrong_iface: 0 -> 1
it works on my 4.5 from command line.
btw, according to man sysctl :
The -w option has been deprecated and is silently ignored.
new way will be
#sysctl var=value
if you wanna use /etc/sysctl.conf
you put var=value in there and you should be fine ( man sysctl.conf)
hth
alex

 

[axvpaa]

wow, until i was writing my reply 6 new posts . someone here said that this is a dead forum?
go FreeBSD go
lol
alex

 

[TheGrey]

'nuff said