This is only really needed for long lasting ARP, which is only
used for IPv4 address defence.
Modern NetBSD does not need this and it fails to work with
OpenBSD Pledge. FreeBSD Capsicum is more secure without this
as the BPF fd can then be locked for other changes [1].
That just leaves Linux and Solaris.
If anyone feels dhcpcd is processing to much ARP then please
implement RFC 5227 in the kernel like NetBSD.
[1] Locking the BPF fd is questionable because the inet proxy
using sendmsg can send any packet to any destination.
projects / thirdparty / dhcpcd.git / commit
