Date: Tue, 25 Jan 2005 10:43:01 -0800 (PST)
From: Rich Wales
To: freebsd-stable@freebsd.org
Message-ID: <20050125180025.S04220.richw@whodunit.richw.org>
Subject: NIC acting promiscuously -- how to fix?

I'm running 5.3-RELEASE-p5 on a system that is functioning as a NAT router/firewall using "pf". It works just fine, but . . . .

The external (Internet) network connection is giving me incoming traffic addressed to other users all over my neighborhood (not just the packets intended for me).

The external NIC (an Accton MPX 5030/5038, handled via the "rl" driver) appears to be running promiscuously; it's accepting all these incoming packets, whether addressed to me or not. The flags shown for the NIC by the "ifconfig" command are:

    rl0: flags=8843 mtu 1500

Note that the PROMISC flag is =not= set, but the NIC seems to be acting in a promiscuous fashion nevertheless.

Although my firewall (an old 800-MHz Athlon system) is able to handle this extra load, I'd really like to configure it so that the packets not intended for my site are silently dropped and never seen by FreeBSD at all. (Aside from simple neatness, I'm aware of the failings of the RealTek 8129/8139 and am hoping to reduce overhead by filtering out the extraneous traffic before the driver would see it.)

Any suggestions as to what I should do? Or is what I'm asking simply impossible (and if so, why)? Thanks for any help.

Rich Wales
richw@richw.org
http://www.richw.org
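
The following is an added example, not part of the original message: it decodes the hexadecimal flag word that "ifconfig" printed and goes one step further by sorting captured Ethernet frames by destination address, since a non-promiscuous NIC still passes broadcast and multicast frames and only "unicast-to-other" frames show that address filtering is not taking place. The MAC addresses and frames are constructed sample data, and the function names are hypothetical.

```python
import re

# Interface flag bits as defined in FreeBSD's <net/if.h>.
# ifconfig prints the flag word in hexadecimal.
IFF = {0x1: "UP", 0x2: "BROADCAST", 0x4: "DEBUG", 0x8: "LOOPBACK",
       0x10: "POINTOPOINT", 0x40: "RUNNING", 0x80: "NOARP",
       0x100: "PROMISC", 0x200: "ALLMULTI", 0x400: "OACTIVE",
       0x800: "SIMPLEX", 0x8000: "MULTICAST"}

def decode_flags(ifconfig_line):
    """Return the flag names set in an ifconfig 'flags=<hex>' field."""
    m = re.search(r"flags=([0-9a-fA-F]+)", ifconfig_line)
    if m is None:
        raise ValueError("no flags= field in line")
    word = int(m.group(1), 16)
    return {name for bit, name in IFF.items() if word & bit}

def classify_dst(frame, own_mac):
    """Classify one Ethernet frame by its destination MAC (bytes 0-5)."""
    if len(frame) < 14:                 # shorter than an Ethernet header
        return "truncated"
    dst = frame[:6]
    if dst == b"\xff" * 6:
        return "broadcast"
    if dst[0] & 0x01:                   # group bit set: multicast
        return "multicast"
    return "unicast-to-me" if dst == own_mac else "unicast-to-other"

def summarize(frames, own_mac):
    """Count frames per destination class."""
    counts = {}
    for frame in frames:
        kind = classify_dst(frame, own_mac)
        counts[kind] = counts.get(kind, 0) + 1
    return counts

# Constructed sample data: locally administered MACs, dummy payloads.
OWN_MAC = bytes.fromhex("020000000001")

def make_frame(dst_hex):
    return (bytes.fromhex(dst_hex) + bytes.fromhex("0200000000aa")
            + b"\x08\x00" + bytes(46))

SAMPLE_FRAMES = [make_frame("ffffffffffff"), make_frame("ffffffffffff"),
                 make_frame("01005e000001"), make_frame("020000000001"),
                 make_frame("020000000002"), b"\x00" * 8]

if __name__ == "__main__":
    print(sorted(decode_flags("rl0: flags=8843 mtu 1500")))
    print(summarize(SAMPLE_FRAMES, OWN_MAC))
```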