Date: Tue, 25 Jan 2005 10:43:01 -0800 (PST)
From: Rich Wales <richw@richw.org>
To: freebsd-stable@freebsd.org
Subject: NIC acting promiscuously -- how to fix?
Message-ID: <20050125180025.S04220.richw@whodunit.richw.org>

I'm running 5.3-RELEASE-p5 on a system that is functioning as a NAT router/firewall using "pf". It works just fine, but . . . .

The external (Internet) network connection is giving me incoming traffic addressed to other users all over my neighborhood (not just the packets intended for me). The external NIC (an Accton MPX 5030/5038, handled via the "rl" driver) appears to be running promiscuously; it's accepting all these incoming packets, whether addressed to me or not.

The flags shown for the NIC by the "ifconfig" command are:

    rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500

Note that the PROMISC flag is =not= set, but the NIC seems to be acting in a promiscuous fashion nevertheless.

Although my firewall (an old 800-MHz Athlon system) is able to handle this extra load, I'd really like to configure it so that the packets not intended for my site are silently dropped and never seen by FreeBSD at all. (Aside from simple neatness, I'm aware of the failings of the RealTek 8129/8139 and am hoping to reduce overhead by filtering out the extraneous traffic before the driver would see it.)

Any suggestions as to what I should do? Or is what I'm asking simply impossible (and if so, why)? Thanks for any help.

Rich Wales        richw@richw.org        http://www.richw.org