Date:      Tue, 25 Jan 2005 12:07:19 -0800
From:      Doug Hardie <bc979@lafn.org>
To:        freebsd-stable@freebsd.org
Subject:   Re: NIC acting promiscuously -- how to fix?
Message-ID:  <B7913843-6F0C-11D9-8611-000393681B06@lafn.org>
In-Reply-To: <20050125191446.GA26504@odin.ac.hmc.edu>
References:  <20050125180025.S04220.richw@whodunit.richw.org> <20050125191446.GA26504@odin.ac.hmc.edu>


> On Tue, Jan 25, 2005 at 10:43:01AM -0800, Rich Wales wrote:
>> I'm running 5.3-RELEASE-p5 on a system that is functioning as a
>> NAT router/firewall using "pf".  It works just fine, but . . . .
>>
>> The external (Internet) network connection is giving me incoming
>> traffic addressed to other users all over my neighborhood (not
>> just the packets intended for me).  The external NIC (an Accton
>> MPX 5030/5038, handled via the "rl" driver) appears to be running
>> promiscuously; it's accepting all these incoming packets, whether
>> addressed to me or not.

How are you determining that?  If you are using tcpdump without the -p 
then keep in mind it will put the interface into promiscuous mode and 
you will see everything on the network regardless of who it's addressed 
to.  To verify what your interface is accepting use:

tcpdump -pei rl0

That will show the packets that it accepts including the ethernet 
headers.  Those headers should all have your MAC address in them (send 
or receive).
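
An added example, not part of the original message: a shell filter over the text output of the tcpdump command above that prints only the frames a non-promiscuous interface should not have accepted. It goes slightly beyond the message by also allowing broadcast and multicast destinations, which a NIC accepts in normal mode. The function names, the sample capture lines and the MAC addresses are constructed, and the line layout "<time> <src MAC> > <dst MAC>, ethertype ..." is an assumption about the tcpdump -e output.

```shell
#!/bin/sh
# Added example (not from the original message).
# Intended use:  tcpdump -pei rl0 | foreign_frames <MAC of rl0>

# foreign_frames OWN_MAC
# Reads `tcpdump -e` text lines on stdin and prints each frame whose source
# and destination MAC are both someone else's and whose destination is
# unicast, i.e. a frame the NIC should have dropped in non-promiscuous mode.
foreign_frames() {
    awk -v own="$(printf '%s' "$1" | tr 'A-F' 'a-f')" '
    {
        # Assumed layout: $1=time  $2=src MAC  $3=">"  $4="dst MAC,"
        if ($3 != ">") next
        src = tolower($2)
        dst = tolower($4); sub(/,$/, "", dst)
        if (split(dst, octets, ":") != 6) next   # not an Ethernet header line
        if (src == own || dst == own) next       # sent by us or addressed to us
        # Low bit of the first octet set means broadcast or multicast;
        # those are delivered to every host without promiscuous mode.
        if (index("13579bdf", substr(dst, 2, 1)) > 0) next
        print
    }'
}

# Constructed sample capture; the local interface is 00:10:b5:aa:bb:cc.
sample_capture() {
    cat <<'EOF'
12:07:19.000001 00:10:b5:aa:bb:cc > 00:0c:41:11:22:33, ethertype IPv4 (0x0800), length 74: 192.0.2.10.51000 > 198.51.100.7.80: tcp 0
12:07:19.000002 00:0c:41:11:22:33 > 00:10:b5:aa:bb:cc, ethertype IPv4 (0x0800), length 74: 198.51.100.7.80 > 192.0.2.10.51000: tcp 0
12:07:19.000003 00:0c:41:11:22:33 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: arp who-has 192.0.2.99 tell 192.0.2.1
12:07:19.000004 00:0c:41:11:22:33 > 00:50:ba:44:55:66, ethertype IPv4 (0x0800), length 74: 198.51.100.7.80 > 192.0.2.77.40000: tcp 0
12:07:19.000005 00:0c:41:11:22:33 > 01:00:5e:00:00:01, ethertype IPv4 (0x0800), length 60: 192.0.2.1 > 224.0.0.1: igmp query
EOF
}
```

No output from the filter means every accepted frame was sent by, addressed to, or broadcast/multicast to the local interface.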


