diff options
-rw-r--r-- | include/linux/inetdevice.h | 1 | ||||
-rw-r--r-- | include/linux/sysctl.h | 1 | ||||
-rw-r--r-- | net/ipv4/arp.c | 20 | ||||
-rw-r--r-- | net/ipv4/devinet.c | 8 |
4 files changed, 20 insertions, 10 deletions
diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index fd7af86..92297ff 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h @@ -25,6 +25,7 @@ struct ipv4_devconf int arp_filter; int arp_announce; int arp_ignore; + int arp_accept; int medium_id; int no_xfrm; int no_policy; diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index dfcf449..8754568 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -456,6 +456,7 @@ enum NET_IPV4_CONF_ARP_ANNOUNCE=18, NET_IPV4_CONF_ARP_IGNORE=19, NET_IPV4_CONF_PROMOTE_SECONDARIES=20, + NET_IPV4_CONF_ARP_ACCEPT=21, __NET_IPV4_CONF_MAX }; diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index accdefe..041dadd 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -879,16 +879,16 @@ static int arp_process(struct sk_buff *skb) n = __neigh_lookup(&arp_tbl, &sip, dev, 0); -#ifdef CONFIG_IP_ACCEPT_UNSOLICITED_ARP - /* Unsolicited ARP is not accepted by default. - It is possible, that this option should be enabled for some - devices (strip is candidate) - */ - if (n == NULL && - arp->ar_op == htons(ARPOP_REPLY) && - inet_addr_type(sip) == RTN_UNICAST) - n = __neigh_lookup(&arp_tbl, &sip, dev, -1); -#endif + if (ipv4_devconf.arp_accept) { + /* Unsolicited ARP is not accepted by default. + It is possible, that this option should be enabled for some + devices (strip is candidate) + */ + if (n == NULL && + arp->ar_op == htons(ARPOP_REPLY) && + inet_addr_type(sip) == RTN_UNICAST) + n = __neigh_lookup(&arp_tbl, &sip, dev, -1); + } if (n) { int state = NUD_REACHABLE; diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 3ffa60d..44fdf14 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -1394,6 +1394,14 @@ static struct devinet_sysctl_table { .proc_handler = &proc_dointvec, }, { + .ctl_name = NET_IPV4_CONF_ARP_ACCEPT, + .procname = "arp_accept", + .data = &ipv4_devconf.arp_accept, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { .ctl_name = NET_IPV4_CONF_NOXFRM, .procname = "disable_xfrm", .data = &ipv4_devconf.no_xfrm, |