# static arp on network up

## trikmik

On debian i would make a permanent static arp by creating file in:

/etc/network/if-up.d/add-my-static-arp

With contents:

```
#!/bin/sh

arp -i eth0 -s 192.168.0.4 00:50:cc:44:55:55
```

Then add the permission:

```
chmod +x /etc/network/if-up.d/add-my-static-arp
```

And these arp entries will be manually added or re-added every time the network interface is brought up.

On Gentoo OpenRC Xorg XFCE4 i can not find the directory /etc/network

If i need to provide any more information about the system please feel free to ask.

How would i make a static arp entry that will be manually added or re-added when the network interface goes up on Gentoo?

----------

## krinn

```
bzcat /usr/share/doc/netifrc-0.6.0/net.example.bz2 | grep "#postup" -A5

#postup() {

#   # This function could be used, for example, to register with a

#   # dynamic DNS service.  Another possibility would be to

#   # send/receive mail once the interface is brought up.

#}

```

----------

## khayyam

trikmik ...

```
postup() {

    arp -i eth0 -s 192.168.0.4 00:50:cc:44:55:55

}
```

HTH & best ... khay

----------

## trikmik

/etc/conf.d/net

```
postup() {

               arp -i wlp2s0 -s 192.0.0.0 2b:ab:a8:48:21:28

}

```

Does not seem to work; i am using <gnome-extra/nm-applet> and <net-wireless/wpa_supplicant> to set static arp entry when the system connects to the wireless network, does that matter to make the static arp work?

----------

## krinn

 *Quote:*   

> does that matter to make the static arp work?

 

no that's something the kernel do for you, and it's better to not mess with arp table.

----------

## khayyam

 *trikmik wrote:*   

> Does not seem to work; i am using <gnome-extra/nm-applet> [...]

 

trikmik ... if you're using nm-applet, then you're using net-misc/networkmanager and not net-misc/netifrc ... and the /etc/conf.d/net is exclusively used by the later.

best ... khay

----------

## trikmik

 *khayyam wrote:*   

>  *trikmik wrote:*   Does not seem to work; i am using <gnome-extra/nm-applet> [...] 
> 
> trikmik ... if you're using nm-applet, then you're using net-misc/networkmanager and not net-misc/netifrc ... and the /etc/conf.d/net is exclusively used by the later.
> 
> best ... khay

 

khayyam,

I had to find out the hard way net-misc/networkmanager did not work with postup in /etc/conf.d/net, so i removed net-misc/networkmanager and nm-applet, and switched to wpa_gui (wpa_supplicant) + dhcpcd.

postup in /etc/conf.d/net still does not work (you are right it needs net-misc/netifrc)

now i am stuck on how to carry on, will dhcpcd + wpa_supplicant work with postup in /etc/conf.d/net or will my attempts be futile? if so how can i connect to wifi with dhcp and just using net-misc/netifrc?

if i need to provide more information about the system feel free to ask, thanks for the help.

----------

## khayyam

 *trikmik wrote:*   

> [...] will dhcpcd + wpa_supplicant work with postup in /etc/conf.d/net or will my attempts be futile? if so how can i connect to wifi with dhcp and just using net-misc/netifrc?

 

trikmik ... yes, something like:

```
modules_wlp2s0="!plug !iwconfig wpa_supplicant dhcpcd"

wpa_supplicant_wlp2s0="-Dnl80211 -qq"

config_wlp2s0="dhcp"

postup(){

    if [ "$IFACE" = "wlp2s0" ] ; then

        arp -i wlp2s0 -s 192.0.0.0 2b:ab:a8:48:21:28 

    fi

}
```

This assumes that 'dhcpcd' isn't in the runlevel and 'net.wlp2s0' is ... you might also want the following:

```
rc_dhcpcd_provide="!net"
```

Also, krinn is probably right, you shouldn't be messing with the arp table ... is there a reason for this?

HTH & best ... khay

----------

## trikmik

khayyam,

The provided solution in the post above, made static arp possible on reboot.

If i may ask, could you please explain why it is not a smart thing to set a static arp entry?

I thought setting static arp entry will prevent arp spoofing/poisoning?

----------

## szatox

@trikmik, kernel does network discovery by itself and populates arp table as needed. This configuration is not necessarily static, and doing it manually is not worth the effort.

If you're afraid of arp spoofing, you can install a daemon that will maintain ARP table for you. Much more managable, since you still benefit from automagic discovery, but it also makes kernel ignore updates, so the existing entries can't be easily replaced by a rogue client.

Hopefully, it ignores those updates selectively, so your kernel will update its ARP table after the old entry times out  :Wink: 

----------

