4 files changed, 9 insertions, 6 deletions

diff --git a/src/firejail/arp.c b/src/firejail/arp.c
index 10cfe507f..6d21167f0 100644
--- a/src/firejail/arp.c
+++ b/src/firejail/arp.c
@@ -42,7 +42,10 @@ typedef struct arp_hdr_t {
 
 
 // returns 0 if the address is not in use, -1 otherwise
-int arp_check(const char *dev, uint32_t destaddr, uint32_t srcaddr) {
+int arp_check(const char *dev, uint32_t destaddr) {
+        // RFC 5227 - using a source IP address of 0 for probing
+        uint32_t srcaddr = 0;
+
         if (strlen(dev) > IFNAMSIZ) {
                 fprintf(stderr, "Error: invalid network device name %s\n", dev);
                 exit(1);
@@ -206,7 +209,7 @@ static uint32_t arp_random(const char *dev, Bridge *br) {
                 return 0;
 
         // check address
-        uint32_t rv = arp_check(dev, dest, ifip);
+        uint32_t rv = arp_check(dev, dest);
         if (!rv)
                 return dest;
         return 0;
@@ -248,7 +251,7 @@ static uint32_t arp_sequential(const char *dev, Bridge *br) {
                         dest++;
                         continue;
                 }
-                uint32_t rv = arp_check(dev, dest, ifip);
+                uint32_t rv = arp_check(dev, dest);
                 if (!rv)
                         return dest;
                 dest++;
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 6aa29f896..5fd978f51 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -447,7 +447,7 @@ int restricted_shell(const char *user);
 
 // arp.c
 // returns 0 if the address is not in use, -1 otherwise
-int arp_check(const char *dev, uint32_t destaddr, uint32_t srcaddr);
+int arp_check(const char *dev, uint32_t destaddr);
 // assign an IP address using arp scanning
 uint32_t arp_assign(const char *dev, Bridge *br);
 
diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c
index 11e27575b..172395146 100644
--- a/src/firejail/network_main.c
+++ b/src/firejail/network_main.c
@@ -98,7 +98,7 @@ void net_configure_sandbox_ip(Bridge *br) {
                         exit(1);
                 }
                 // send an ARP request and check if there is anybody on this IP address
-                if (arp_check(br->dev, br->ipsandbox, br->ip)) {
+                if (arp_check(br->dev, br->ipsandbox)) {
                         fprintf(stderr, "Error: IP address %d.%d.%d.%d is already in use\n", PRINT_IP(br->ipsandbox));
                         exit(1);
                 }
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index ea39ed580..8c5c02d41 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -153,7 +153,7 @@ static void sandbox_if_up(Bridge *br) {
                                 exit(1);
                         }
 
-                        uint32_t rv = arp_check(dev, br->ipsandbox, br->ip);
+                        uint32_t rv = arp_check(dev, br->ipsandbox);
                         if (rv) {
                                 fprintf(stderr, "Error: the address %d.%d.%d.%d is already in use.\n", PRINT_IP(br->ipsandbox));
                                 exit(1);