Date: Mon, 3 Jan 2005 03:56:02 GMT From: jacques brierre <jbrierre@bellsouth.net> To: freebsd-gnats-submit@FreeBSD.org Subject: sparc64/75735: misconfigured qfe ports Message-ID: <200501030356.j033u2oD037961@www.freebsd.org> Resent-Message-ID: <200501030400.j0340gYJ021944@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 75735 >Category: sparc64 >Synopsis: misconfigured qfe ports >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-sparc64 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jan 03 04:00:42 GMT 2005 >Closed-Date: >Last-Modified: >Originator: jacques brierre >Release: 5.3/Sparc64 >Organization: Mean Mice Elf >Environment: FreeBSD sphynx 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 19:30:40 UTC 2004 root@bobbi.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC sparc64 >Description: This is a Sun Ultra 2 - 2 UltraSparc-I Processor (168.01 MHz CPU) has hme on-board NIC and QFE Sbus card... ifconfig shows the ports network interfaces as hme0 (correct) and hme1-hme4 (the QFE I/Fs). inet6 is set to NO, but ports initialize with duplicated ipv6 addresses: hme0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> inet 172.16.1.110 netmask 0xffff1900 broadcast 172.16.231.255 inet6 fe80::a00:20ff:fe85:7364%hme0 prefixlen 64 scopeid 0x1 ether 08:00:20:85:73:64 media: Ethernet autoselect (100baseTX) status: active hme1: flags=108802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> inet 172.16.1.200 netmask 0xffffff00 broadcast 172.16.1.255 inet6 fe80::a00:20ff:feb4:6ec%hme1 prefixlen 64 duplicated scopeid 0x2 ether 08:00:20:b4:06:ec media: Ethernet autoselect hme2: flags=108802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> ether 08:00:20:b4:06:ed media: Ethernet autoselect hme3: flags=108802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> ether 08:00:20:b4:06:ee media: Ethernet autoselect hme4: flags=108802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> inet 172.16.1.204 netmask 0xffffff00 broadcast 172.16.1.255 inet6 fe80::a00:20ff:feb4:6ef%hme4 prefixlen 64 duplicated scopeid 0x5 ether 08:00:20:b4:06:ef media: Ethernet autoselect lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 bash-3.00# bash-3.00# ifconfig hme1 down bash-3.00# ifconfig hme4 up bash-3.00# snort -vde -i hme4 Running in packet dump mode Initializing Network Interface hme4 --== Initializing Snort ==-- Initializing Output Plugins! Decoding Ethernet on interface hme4 Jan 2 22:47:46 sphynx kernel: hme4: promiscuous mode enabled --== Initialization Complete ==-- ,,_ -*> Snort! <*- o" )~ Version 2.3.0RC2 (Build 9) '''' By Martin Roesch & The Snort Team: http://www.snort.org/team.html (C) Copyright 1998-2004 Sourcefire Inc, et al. 01/02-22:48:00.598250 ARP who-has 151.114.12.1 tell 151.114.12.253 Jan 2 22:48:14 sphynx kernel: arp: 172.16.1.50 is on hme4 but got reply from 00 :20:a6:4e:bb:d0 on hme0 01/02-22:48:14.826978 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:14.827106 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:17.819818 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:17.819944 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:20.811359 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:20.811439 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:23.827772 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:23.827897 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:29.821993 ARP who-has 172.16.1.2 tell 172.16.1.204 01/02-22:48:29.822197 ARP who-has 172.16.1.2 tell 172.16.1.204 ^C =============================================================================== Snort received 58 packets Analyzed: 58(100.000%) Dropped: 0(0.000%) =============================================================================== Breakdown by protocol: TCP: 0 (0.000%) UDP: 0 (0.000%) ICMP: 0 (0.000%) ARP: 11 (18.966%) EAPOL: 0 (0.000%) IPv6: 0 (0.000%) IPX: 0 (0.000%) OTHER: 12 (20.690%) DISCARD: 0 (0.000%) =============================================================================== Action Stats: ALERTS: 0 LOGGED: 0 PASSED: 0 =============================================================================== Snort exiting Jan 2 22:48:46 sphynx kernel: hme4: promiscuous mode disabled bash-3.00# ifconfig hme4 down WhenI enabled hme4, above, I immediately lost my ssh connection to the box (via hme0/default route). was able to regain it by disabling hme4 again. >How-To-Repeat: bring up any qfe interface... >Fix: don't use qfe? >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501030356.j033u2oD037961>