Problem: when passt/pasta are working in a broadcast domain with more than one host machine, it will answer for all of these machines, except for the one having --address. This is akin to ARP spoofing and breaks connection with these machines if passt/pasta ARP reply arrives before the original one. Solution: only be responsible and send ARP replies for the --gateway's address. --- arp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arp.c b/arp.c index a35c1b6..f873491 100644 --- a/arp.c +++ b/arp.c @@ -67,8 +67,8 @@ int arp(const struct ctx *c, const struct pool *p) !memcmp(am->sip, am->tip, sizeof(am->sip))) return 1; - /* Don't resolve our own address, either. */ - if (!memcmp(am->tip, &c->ip4.addr, sizeof(am->tip))) + /* Don't resolve anything but gateway address. */ + if (memcmp(am->tip, &c->ip4.gw, sizeof(am->tip)) != 0) return 1; ah->ar_op = htons(ARPOP_REPLY); -- 2.39.2 (Apple Git-144)