em0 hijacking traffic to port 623

Jack Vogel jfvogel at gmail.com
Tue May 22 07:49:27 UTC 2007 

On 5/21/07, Ian FREISLICH <ianf at clue.co.za> wrote:
> Ian FREISLICH wrote:
> > "Jack Vogel" wrote:
> > > On 5/21/07, Sten Spans <sten at blinkenlights.nl> wrote:
> > > > On Mon, 21 May 2007, Ian FREISLICH wrote:
> > > > > I've looked at the bios, but I can't find any settings that remotely
> > > > > hint IPMI or RMCP+ or serial-over-lan.
> > > > >
> > > > > Does anyone know how I can stop the card or system from stealing
> > > > > port 623 in hardware or must I just stop using em0 (and/or Intel NICS)?
> > > >
> > > > Does "ifconfig em0 promisc" help ?
> > > > That fixed firmware related vanishing ipv6 packets on fxp and em.
> > >
> > > Is this happening even with the latest CURRENT driver,  there is code in
> > > it now that is supposed to stop the firmware from doing that, at least
> > > that was the theory :)
> >
> > No, it's a March 6 current.  How safe is it to just update the
> > sys/dev/em directory and recompile?  Quite a lot has changed in
> > CURRENT since then and I don't want to update everything on these
> > servers just yet.
>
> Looking at the new source, I'm not sure it will stop this adaptor
> gobbling port 623.  It's a 82546EB, e1000_82546_rev_3 e1000_mac_type.
> In em_init_manageability(), it looks like it's only disabled for
> e1000_mac_type >= e1000_82571 which excludes this adaptor:
>
>                 /* enable receiving management packets to the host */
>                 if (adapter->hw.mac.type >= e1000_82571) {
>                         manc |= E1000_MANC_EN_MNG2HOST;
> #define E1000_MNG2HOST_PORT_623 (1 << 5)
> #define E1000_MNG2HOST_PORT_664 (1 << 6)
>                         manc2h |= E1000_MNG2HOST_PORT_623;
>                         manc2h |= E1000_MNG2HOST_PORT_664;
>                         E1000_WRITE_REG(&adapter->hw, E1000_MANC2H, manc2h);
>                 }
>
> I'll give the driver a whirl anyway.  If it doesn't, is it safe to write
> 'manc |= E1000_MANC_EN_MNG2HOST' for adapter->hw.mac.type >= e1000_82546?

It may be that register doesnt exist on the earlier adapter, I'm not sure.
There is also a system configuration to avoid that port use by the port
mapper, although the exact way slips my mind right now.
If you can test that would be useful.

Jack

More information about the freebsd-current mailing list