From owner-freebsd-current@FreeBSD.ORG  Mon May 21 22:42:47 2007
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B581B16A468
	for <freebsd-current@freebsd.org>; Mon, 21 May 2007 22:42:47 +0000 (UTC)
	(envelope-from sten@blinkenlights.nl)
Received: from mx0.blinkenlights.nl (mx0.blinkenlights.nl [89.188.0.20])
	by mx1.freebsd.org (Postfix) with ESMTP id 7B76B13C45E
	for <freebsd-current@freebsd.org>; Mon, 21 May 2007 22:42:47 +0000 (UTC)
	(envelope-from sten@blinkenlights.nl)
Received: from zaphod.blinkenlights.nl (zaphod.blinkenlights.nl
	[IPv6:2001:980:ffe:3:2e0:81ff:fe2f:bb6a])
	by mx0.blinkenlights.nl (Postfix) with ESMTP id BBE527302A;
	Tue, 22 May 2007 00:21:36 +0200 (CEST)
Received: by zaphod.blinkenlights.nl (Postfix, from userid 1001)
	id 8B0F617F459; Tue, 22 May 2007 00:21:36 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by zaphod.blinkenlights.nl (Postfix) with ESMTP id 812BC17F455;
	Tue, 22 May 2007 00:21:36 +0200 (CEST)
Date: Tue, 22 May 2007 00:21:36 +0200 (CEST)
From: Sten Spans <sten@blinkenlights.nl>
To: Ian FREISLICH <ianf@clue.co.za>
In-Reply-To: <E1Hq8eK-0001RA-2f@clue.co.za>
Message-ID: <Pine.LNX.4.64.0705220019390.17702@zaphod.blinkenlights.nl>
References: <E1Hq8eK-0001RA-2f@clue.co.za>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-current@freebsd.org
Subject: Re: em0 hijacking traffic to port 623
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 21 May 2007 22:42:47 -0000

On Mon, 21 May 2007, Ian FREISLICH wrote:

> Hi
>
> We've noticed an issue on our firewalls where the first em device
> in the system hijacks inbound port 623 tcp and udp.  The OS never
> sees this traffic.  Interestingly, em1 and em2 do not appear to be
> afflicted by this problem.  Some reading I've done points to a
> similar conclusion:
>
> http://blogs.sun.com/shepler/entry/port_623_or_the_mount
>
> I've looked at the bios, but I can't find any settings that remotely
> hint IPMI or RMCP+ or serial-over-lan.
>
> Does anyone know how I can stop the card or system from stealing
> port 623 in hardware or must I just stop using em0 (and/or Intel NICS)?

Does "ifconfig em0 promisc" help ?
That fixed firmware related vanishing ipv6 packets on fxp and em.

-- 
Sten Spans

"There is a crack in everything, that's how the light gets in."
Leonard Cohen - Anthem