Hi,
Today I upgraded to 11.01.2013 snapshot and I'm still get the same error.
I have permanent static for my default route.
[ns]~$ sudo /usr/sbin/arp -Ff /etc/ether.mac
[ns]~$ cat /etc/ether.mac
XX.XX.XX.33 00:50:45:5f:16:58 permanent
[ns]~$ arp -a
gw.xx.xx (XX.XX.XX.33) at 00:50:45:5f:16:58 on em0 permanent static
After a while:
[ns]~$ arp -a
gw.xx.xx (XX.XX.XX.33) at 00:50:45:5f:16:58 on em0
the permanent static arp disappear.
/var/log/messages:
Jan 14 20:46:47 ns /bsd: arpresolve: XX.XX.7.33: route without link local
address
Jan 14 20:51:47 ns last message repeated 42 times
/var/log/daemon:
Jan 14 20:46:47 ns dhclient[2970]: DHCPREQUEST on em0 to XX.XX.7.1 port 67
Jan 14 20:46:47 ns dhclient[2970]: DHCPACK from XX.XX.7.33
(00:50:45:5f:16:58)
Jan 14 20:46:47 ns dhclient[2970]: bound to XX.XX.7.48 -- renewal in 300
seconds.
Here is my pf.conf
[ns]~$ sudo cat /etc/pf.conf
################ Macros
#######################################################
### Interfaces ###
ExtIf ="em0"
IntIf ="vlan41"
Free ="vlan81"
pppx ="192.168.3.0/25"
lo0 ="127.0.0.1"
### Hosts ###
vl="192.168.1.2"
jl="192.168.1.3"
ve="192.168.1.4"
ntp="192.168.1.5"
sam="192.168.1.14"
dpc11="192.168.1.11"
### Ports ###
low_ports = "0:1024"
hi_ports = "1025:65535"
web = "{20, 21, 22, 25, 80, 443, 3389, 5900, 6000, 7777, 8080}"
ssh_extif = "2222"
rdc = "3389"
rdc_extif = "4900"
squid = "8080"
squid_extif = "443"
vl_skype = "30001"
jl_skype = "30002"
ve_skype = "30003"
vl_torrent= "30004"
jl_torrent= "30005"
ve_torrent= "30006"
vl_hfs = "8081"
ftp_proxy = "8021"
symux = "2100"
ftp = "21"
vnc_ext = "59001"
vnc_int = "5900"
sftp = "22222"
l2tp = "{ 500, 1701, 4500 }"
trace = "33434:33498"
### Queues, States and Types ###
IcmpType ="icmp-type 8 code 0"
SynState ="flags S/SAFR synproxy state"
### Tables ###
table <bgnets> file "/etc/bgnets"
table <spamd-white> persist
table <proxy-users> persist { 188.254.185.154, 212.50.72.29,
85.217.136.0/21, \
95.111.100.14, 212.233.176.65, 78.128.124.161, 190.32.172.28 }
## panama
table <isp> persist { 94.26.7.32/27 }
table <BLOCK> persist { 82.119.88.70 }
################ Options
######################################################
### Misc Options
set block-policy drop
set loginterface $ExtIf
set skip on lo0
set optimization aggressive
# set state-defaults pflow
################ Queueing
####################################################
altq on $ExtIf bandwidth 100% hfsc queue { BG, INTER }
queue INTER bandwidth 3% hfsc (upperlimit 2950Kb) \
{ i_ack, i_dns, i_ntp, i_web, i_bulk, i_bittor }
queue i_ack bandwidth 30% priority 8 qlimit 500 hfsc (realtime
30%)
queue i_dns bandwidth 5% priority 7 qlimit 500 hfsc (realtime
10%)
queue i_ntp bandwidth 10% priority 6 qlimit 500 hfsc (realtime
10%)
queue i_web bandwidth 30% priority 5 qlimit 500 hfsc (realtime
20%)
queue i_bulk bandwidth 19% priority 2 qlimit 500 hfsc (realtime
15%)
queue i_bittor bandwidth 1% priority 0 qlimit 2000 hfsc (default,
upperlimit 60%)
queue BG bandwidth 30% hfsc (upperlimit 30Mb) \
{ b_ack, b_dns, b_ntp, b_rdc, b_web, b_bulk, b_bittor }
queue b_ack bandwidth 10% priority 8 qlimit 500 hfsc (realtime
10%)
queue b_dns bandwidth 1% priority 7 qlimit 500 hfsc (realtime
1% )
queue b_ntp bandwidth 10% priority 7 qlimit 500 hfsc (realtime
1% )
queue b_rdc bandwidth 10% priority 6 qlimit 500 hfsc (realtime
10%)
queue b_web bandwidth 30% priority 5 qlimit 500 hfsc (realtime
30%)
queue b_bulk bandwidth 30% priority 4 qlimit 500 hfsc (realtime
10%)
queue b_bittor bandwidth 1% priority 0 qlimit 500 hfsc
(upperlimit 85%)
################ Translation and Filtering
###################################
### BLOCK all in/out on all interfaces by default and log
block log on $ExtIf
block return log on $IntIf
block return log on $Free
block quick log on $ExtIf from <BLOCK>
### Network Address Translation (NAT with outgoing source port
randomization)
match out log on egress from (self) \
to any nat-to ($ExtIf:0) port 1024:65535
match out log on egress from !($ExtIf:0) \
to any nat-to ($ExtIf:0) port 1024:65535
### NAT from IntIf to FreeWifi
match out log on $Free from $IntIf:network \
to $Free:network nat-to ($Free:0) port 1024:65535
### Packet normalization ( "scrubbing" )
match log on $ExtIf all scrub (random-id max-mss 1472)
### Ftp ( secure ftp proxy for LAN )
anchor "ftp-proxy/*"
### pppx
pass log from $pppx
### $ExtIf inbound ################
# npppd
pass in log on $ExtIf proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $l2tp queue b_dns
# Named ( bind dns )
pass in log on $ExtIf inet proto udp from any \
to ($ExtIf) port domain queue i_dns
pass in log on $ExtIf inet proto udp from <bgnets> \
to ($ExtIf) port domain queue b_dns
# OpenSSH
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port $ssh_extif queue b_bulk rdr-to $lo0 port ssh
# SFTP to MAC OS X
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port $sftp queue b_bulk rdr-to $dpc11 port ssh
# Postfix
pass in log on $ExtIf inet proto tcp from <spamd-white> \
to ($ExtIf) port smtp queue i_bulk rdr-to lo0
pass in log on $ExtIf inet proto tcp from !<spamd-white> \
to ($ExtIf) port smtp rdr-to lo0 port spamd
# Nginx
pass in log on $ExtIf inet proto tcp from any \
to ($ExtIf) port www queue (i_web, i_ack) rdr-to $lo0
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port www queue (b_web, b_ack) rdr-to $lo0
# Ntpd ( time server )
pass in log on $ExtIf inet proto udp from any \
to ($ExtIf) port ntp queue i_ntp #rdr-to $ntp
pass in log on $ExtIf inet proto udp from <bgnets> \
to ($ExtIf) port ntp queue b_ntp #rdr-to $ntp
# RDC_BG
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port $rdc_extif $SynState queue b_rdc rdr-to $vl port $rdc
# VNC TO MAC OS X
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port $vnc_ext $SynState queue b_rdc rdr-to $dpc11 port $vnc_int
# Squid
pass in log on $ExtIf inet proto tcp from <proxy-users> \
to ($ExtIf) port $squid_extif $SynState queue b_bulk rdr-to $lo0 port
$squid
# Skype (queue INTER)
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $vl_skype queue i_bulk rdr-to $vl
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $jl_skype queue i_bulk rdr-to $jl
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $ve_skype queue i_bulk rdr-to $ve
# Skype (queue BG)
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $vl_skype queue b_bulk rdr-to $vl
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $jl_skype queue b_bulk rdr-to $jl
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $ve_skype queue b_bulk rdr-to $ve
# uTorrent (queue INTER)
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $vl_torrent queue (i_bittor, i_ack) rdr-to $vl
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $jl_torrent queue (i_bittor, i_ack) rdr-to $jl
pass in log on $ExtIf inet proto {tcp, udp} from any \
to ($ExtIf) port $ve_torrent queue (i_bittor, i_ack) rdr-to $ve
# uTorrent (queue BG)
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $vl_torrent queue (b_bittor, b_ack) rdr-to $vl
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $jl_torrent queue (b_bittor, b_ack) rdr-to $jl
pass in log on $ExtIf inet proto {tcp, udp} from <bgnets> \
to ($ExtIf) port $ve_torrent queue (b_bittor, b_ack) rdr-to $ve
# HFS
pass in log on $ExtIf inet proto tcp from <bgnets> \
to ($ExtIf) port $vl_hfs queue (b_web, b_ack) rdr-to $vl
# Ping
pass in log on $ExtIf inet proto icmp from any \
to ($ExtIf) $IcmpType
pass in log on $ExtIf inet proto icmp from <bgnets> \
to ($ExtIf) $IcmpType queue b_bulk
### End $ExtIf inbound ###########
### $IntIf outbound ###########
# ntp.bsdbg.net
pass out log on $IntIf inet proto udp from any \
to $ntp port ntp
# RDC
pass out log on $IntIf inet proto tcp from any \
to $vl port $rdc
# VNC TO MAC OS X
pass out log on $IntIf inet proto tcp from any \
to $dpc11 port $vnc_int
# SFTP to MAC OS X
pass out log on $IntIf inet proto tcp from any \
to $dpc11 port ssh
# Skype
pass out log on $IntIf inet proto {tcp, udp} from any \
to $vl port $vl_skype
pass out log on $IntIf inet proto {tcp, udp} from any \
to $jl port $jl_skype
pass out log on $IntIf inet proto {tcp, udp} from any \
to $ve port $ve_skype
# uTorrent
pass out log on $IntIf inet proto {tcp, udp} from any \
to $vl port $vl_torrent
pass out log on $IntIf inet proto {tcp, udp} from any \
to $jl port $jl_torrent
pass out log on $IntIf inet proto {tcp, udp} from any \
to $ve port $ve_torrent
# HFS
pass out log on $IntIf inet proto tcp from <bgnets> \
to $vl port $vl_hfs
# Allow self to reach Lan
pass out log on $IntIf inet proto {tcp, udp, icmp} from (self) \
to $IntIf:network
### End $IntIf outbound ###
### $Free outbound ###
# Allow self to reach FreeWifi
pass out log on $Free inet proto {tcp, udp, icmp} from (self) \
to $Free:network
### End $Free outbound ###
### $Free inbound ###
# Allow FreeWifi to access port www and https
pass in log on $Free inet proto tcp from $Free:network \
to !$IntIf:network port www
pass in log on $Free inet proto tcp from $Free:network \
to !$IntIf:network port https
# Local DNS access for FreeWifi
pass in log on $Free inet proto udp from $Free:network \
to $Free port domain
### End $Free inbound ###
### $IntIf inbound ###############
# Allow all out
pass in log on $IntIf inet proto {tcp, udp, icmp} from $IntIf:network \
to any
# Ftp-proxy
pass in log on $IntIf inet proto tcp from $IntIf:network \
to !$IntIf port $ftp divert-to $lo0 port $ftp_proxy
# Symux
pass in log on $IntIf inet proto {tcp, udp} from $IntIf:network \
to $IntIf port $symux rdr-to $lo0
# Postfix
pass in log on $IntIf inet proto {tcp, udp} from $ntp \
to $IntIf port smtp rdr-to $lo0
# Allow SamKnows to run it's tests
pass in log on $IntIf inet proto {tcp, udp, icmp} from $sam \
to any tag SAM
### End $IntIf inbound ###
### $ExtIf outbound ###
## TCP ##
# Queue default (i_bittor & b_bittor )
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to any port $hi_ports queue (i_bittor, i_ack)
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to <bgnets> port $hi_ports queue (b_bittor, b_ack)
# Queue bulk (i_bulk $ b_bulk )
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to any port $low_ports queue (i_bulk, i_ack)
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to <bgnets> port $low_ports queue (b_bulk, b_ack)
# Queue web (i_web $ b_web )
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to any port $web queue (i_web, i_ack)
pass out log on $ExtIf inet proto tcp from ($ExtIf) \
to <bgnets> port $web queue (b_web, b_ack)
## UDP ##
# Queue default (i_bittor & b_bittor)
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to any port $hi_ports queue i_bittor
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to <bgnets> port $hi_ports queue b_bittor
# Queue bulk (i_bulk & b_bulk)
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to any port $low_ports queue i_bulk
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to <bgnets> port $low_ports queue b_bulk
# Queue dns (i_dns & b_dns)
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to any port domain queue i_dns
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to <bgnets> port domain queue b_dns
# Queue ntp (i_ntp & b_ntp)
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to any port ntp queue i_ntp
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to <bgnets> port ntp queue b_ntp
# ICMP
pass out log on $ExtIf inet proto icmp from ($ExtIf) \
to any $IcmpType queue i_web
pass out log on $ExtIf inet proto icmp from ($ExtIf) \
to <bgnets> $IcmpType queue b_web
# Traceroute
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to any port $trace queue i_ntp
pass out log on $ExtIf inet proto udp from ($ExtIf) \
to <bgnets> port $trace queue b_ntp
# SamKnows
pass out log on $ExtIf inet proto {tcp, udp, icmp} from ($ExtIf) \
to any queue i_ack tagged SAM
pass out log on $ExtIf inet proto {tcp, udp, icmp} from ($ExtIf) \
to <bgnets> queue b_ack tagged SAM
### End $ExtIf outbound ###########
dmesg:
OpenBSD 5.2-current (GENERIC) #15: Fri Jan 11 14:04:04 MST 2013
[email protected]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Athlon(TM) XP1600+ ("AuthenticAMD" 686-class, 256KB L2 cache)
1.42 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,MMXX,3DNOW2,3DNOW
real mem = 402112512 (383MB)
avail mem = 384557056 (366MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 03/03/03, BIOS32 rev. 0 @ 0xf0d00,
SMBIOS rev. 2.3 @ 0xf2bc0 (46 entries)
bios0: vendor Award Software, Inc. version "ASUS A7V266-C ACPI BIOS Rev
1014" date 03/03/2003
bios0: ASUSTeK Computer INC. A7V266-C
apm0 at bios0: Power Management spec V1.2
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x1572
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf14b0/192 (10 entries)
pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT82C586 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x1000 0xcc000/0x1000
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "VIA VT8366 PCI" rev 0x00
viaagp0 at pchb0: v2
agp0 at viaagp0: aperture at 0xfe800000, size 0xe400000
ppb0 at pci0 dev 1 function 0 "VIA VT8366 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci0 dev 12 function 0 "S3 ViRGE DX/GX" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em0 at pci0 dev 13 function 0 "Intel PRO/1000MT (82540EM)" rev 0x02: irq
11, address 00:07:e9:10:32:a8
em1 at pci0 dev 15 function 0 "Intel PRO/1000MT (82540EM)" rev 0x02: irq
10, address 00:07:e9:10:2a:20
viapm0 at pci0 dev 17 function 0 "VIA VT8233A ISA" rev 0x00: SMI
iic0 at viapm0
lm1 at iic0 addr 0x2d: AS99127F
viapm0: 24-bit timer at 3579545Hz
pciide0 at pci0 dev 17 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133,
channel 0 configured to compatibility, channel 1 confi
gured to compatibility
wd0 at pciide0 channel 0 drive 0: <WDC WD800JB-00ETA0>
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 17 function 2 "VIA VT83C572 USB" rev 0x23: irq 12
uhci1 at pci0 dev 17 function 3 "VIA VT83C572 USB" rev 0x23: irq 12
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1
isa0 at mainbus0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
mtrr: Pentium Pro MTRR support
vscsi0 at root
scsibus0 at vscsi0: 256 targets
softraid0 at root
scsibus1 at softraid0: 256 targets
root on wd0a swap on wd0b dump on wd0b
