>> I also added sysctls to be able to tune the arp timeouts.
>
>Hm.  No range checking of new values ... It would be nice if the sysctl 
>framework allowed for valid ranges to be checked by generic code.  
>Andrew? :-)

when i redid everything, i deemed implementing such a thing as "too
costly in terms of code complexity (and kernel memory) versus the
number of consumers of such a feature".  besides, most of the other
would-be consumers of the feature also have other stuff they want to
do.

eg, port numbers should only be between 0 and 65535 (inclusive), but
when you set the anonportmin, you need to make sure it's also below
the anonportmax value.

or when setting redirtimeout, which must be greater than zero, we also
muck with timer queues.

so when you change the arp timeout so a new value, don't you also want
to poke everything that's now "overdue"?

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
werdna@squooshy.com       * "information is power -- share the wealth."