From owner-freebsd-questions Wed Mar 28 16:47:41 2001 Delivered-To: freebsd-questions@freebsd.org Received: from chmod.ath.cx (CC2-1242.charter-stl.com [24.217.116.226]) by hub.freebsd.org (Postfix) with ESMTP id B4A9937B719 for ; Wed, 28 Mar 2001 16:47:38 -0800 (PST) (envelope-from ajh3@chmod.ath.cx) Received: by chmod.ath.cx (Postfix, from userid 1001) id 16D14A91A; Wed, 28 Mar 2001 18:47:02 -0600 (CST) Date: Wed, 28 Mar 2001 18:47:02 -0600 From: Andrew Hesford To: Jamie Walker Cc: Andrew Hesford , Edward , freebsd-questions@FreeBSD.ORG Subject: Re: MAC Message-ID: <20010328184702.A13283@cec.wustl.edu> References: <3AC19A18.EDCF8A4@hotmail.com> <20010328093519.A12297@cec.wustl.edu> <20010329074036.C16495@auckland.ac.nz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010329074036.C16495@auckland.ac.nz>; from jj.walker@auckland.ac.nz on Thu, Mar 29, 2001 at 07:40:36AM +1200 X-Loop: Andrew Hesford Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Mar 29, 2001 at 07:40:36AM +1200, Jamie Walker wrote: > from the man pages - ifconfig(8) > > lladdr addr > Set the link-level address on an interface. This can be used to > e.g. set a new MAC address on an ethernet interface, though the > mechanism used is not ethernet-specific. The address addr is > specified as a series of colon-separated hex digits. If the in- > terface is already up when this option is used, it will be > briefly brought down and then brought back up again in order to > insure that the receive filter in the underlying ethernet hard- > ware is properly reprogrammed. > > This usually means the card must be placed in promiscuous mode. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This line confirms it... What's happening here is a forgery. When the card is set in promiscuous mode, there is no hardware-level filtration of data. FreeBSD stores a new MAC address in memory, and monitors all data (frames? I don't know my low-level networking) coming into the card. When it is destined for the MAC address that FreeBSD keeps stored, it accepts them as if they came to the interface. When data is sent out, the forged MAC address is tacked on. This isn't technically changing the MAC address on the card, it's a software sleight-of-hand along the lines of NAT in the IP world. -- Andrew Hesford ajh3@chmod.ath.cx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message