Hi,
For IPv4 we log a message when someone spoofs an entry in our ARP cache.
Mar 9 01:03:51 q0 /bsd: arp info overwritten for 10.188.50.10 by
00:01:02:03:04:05 on ne3
Do we want a similar message for IPv6 neighbor discovery protocol?
Mar 9 01:03:30 q0 /bsd: ndp info overwritten for
fdd7:e83e:66bc:0001:0215:58ff:fe7c:cb62 by 00:01:02:03:04:05 on ne3
ok?
bluhm
Index: netinet6/nd6.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.85
diff -u -p -r1.85 nd6.c
--- netinet6/nd6.c 28 Jun 2010 16:48:15 -0000 1.85
+++ netinet6/nd6.c 7 Mar 2011 19:56:42 -0000
@@ -1571,6 +1571,10 @@ fail:
* 1 -- y -- (7) * STALE
*/
+ if (llchange) {
+ log(LOG_INFO, "ndp info overwritten for %s by %s on %s\n",
+ ip6_sprintf(from), ether_sprintf(lladdr), ifp->if_xname);
+ }
if (lladdr) { /* (3-5) and (7) */
/*
* Record source link-layer address
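Review bot: The new log() call under `if (llchange)` runs on a path driven by received neighbor discovery packets and has no rate limit, so a host on the link that keeps changing the link-layer address it advertises can produce one LOG_INFO line per packet and bury the entries an operator actually needs to see. Consider gating it with ratecheck(9) against a file-local minimum interval, or counting suppressed events and logging a summary. The same applies to the log() added in the nd6_nbr.c hunk. The enclosing function starts and ends outside this hunk, so it cannot be confirmed from here that llchange is only set for packets that already passed validation.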
Index: netinet6/nd6_nbr.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/nd6_nbr.c,v
retrieving revision 1.55
diff -u -p -r1.55 nd6_nbr.c
--- netinet6/nd6_nbr.c 8 Feb 2010 11:56:09 -0000 1.55
+++ netinet6/nd6_nbr.c 7 Mar 2011 19:56:21 -0000
@@ -750,6 +750,11 @@ nd6_na_input(struct mbuf *m, int off, in
/*
* Update link-local address, if any.
*/
+ if (llchange) {
+ log(LOG_INFO, "ndp info overwritten for %s "
+ "by %s on %s\n", ip6_sprintf(&taddr6),
+ ether_sprintf(lladdr), ifp->if_xname);
+ }
if (lladdr) {
sdl->sdl_alen = ifp->if_addrlen;
bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen);
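Review bot: `ether_sprintf(lladdr)` is evaluated before the `if (lladdr)` test on the following line and always formats a fixed Ethernet-sized address, while the copy below uses `ifp->if_addrlen`. That is safe only if llchange implies a non-NULL lladdr and the interface uses 6-byte link-layer addresses, and neither is visible in the hunk; the nd6.c hunk has the same ordering. I would make the condition explicit with `if (llchange && lladdr != NULL) {`. I would also either check `ifp->if_addrlen` before logging or add a comment such as `/* ether_sprintf assumes a 6-byte link-layer address */`. nd6_na_input continues outside the hunk.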