Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 28 Mar 2001 18:47:02 -0600
From:      Andrew Hesford <ajh3@chmod.ath.cx>
To:        Jamie Walker <jj.walker@auckland.ac.nz>
Cc:        Andrew Hesford <ajh3@chmod.ath.cx>, Edward <edward_gess@hotmail.com>, freebsd-questions@FreeBSD.ORG
Subject:   Re: MAC
Message-ID:  <20010328184702.A13283@cec.wustl.edu>
In-Reply-To: <20010329074036.C16495@auckland.ac.nz>; from jj.walker@auckland.ac.nz on Thu, Mar 29, 2001 at 07:40:36AM %2B1200
References:  <3AC19A18.EDCF8A4@hotmail.com> <20010328093519.A12297@cec.wustl.edu> <20010329074036.C16495@auckland.ac.nz>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Mar 29, 2001 at 07:40:36AM +1200, Jamie Walker wrote:
> from the man pages - ifconfig(8)
> 
>      lladdr addr
>              Set the link-level address on an interface. This can be used to
>              e.g. set a new MAC address on an ethernet interface, though the
>              mechanism used is not ethernet-specific. The address addr is
>              specified as a series of colon-separated hex digits.  If the in-
>              terface is already up when this option is used, it will be
>              briefly brought down and then brought back up again in order to
>              insure that the receive filter in the underlying ethernet hard-
>              ware is properly reprogrammed.
> 
> This usually means the card must be placed in promiscuous mode.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This line confirms it...

What's happening here is a forgery. When the card is set in promiscuous
mode, there is no hardware-level filtration of data. FreeBSD stores a
new MAC address in memory, and monitors all data (frames? I don't know
my low-level networking) coming into the card. When it is destined for
the MAC address that FreeBSD keeps stored, it accepts them as if they
came to the interface. When data is sent out, the forged MAC address is
tacked on.

This isn't technically changing the MAC address on the card, it's a
software sleight-of-hand along the lines of NAT in the IP world.
--
Andrew Hesford
ajh3@chmod.ath.cx

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010328184702.A13283>