em0 hijacking traffic to port 623

Jack Vogel jfvogel at gmail.com
Tue May 22 16:34:15 UTC 2007 

On 5/22/07, Ian FREISLICH <ianf at clue.co.za> wrote:
> "Jack Vogel" wrote:
> > On 5/21/07, Ian FREISLICH <ianf at clue.co.za> wrote:
> > > Looking at the new source, I'm not sure it will stop this adaptor
> > > gobbling port 623.  It's a 82546EB, e1000_82546_rev_3 e1000_mac_type.
> > > In em_init_manageability(), it looks like it's only disabled for
> > > e1000_mac_type >= e1000_82571 which excludes this adaptor:
> > >
> > >                 /* enable receiving management packets to the host */
> > >                 if (adapter->hw.mac.type >= e1000_82571) {
> > >                         manc |= E1000_MANC_EN_MNG2HOST;
> > > #define E1000_MNG2HOST_PORT_623 (1 << 5)
> > > #define E1000_MNG2HOST_PORT_664 (1 << 6)
> > >                         manc2h |= E1000_MNG2HOST_PORT_623;
> > >                         manc2h |= E1000_MNG2HOST_PORT_664;
> > >                         E1000_WRITE_REG(&adapter->hw, E1000_MANC2H, manc2h)
> ;
> > >                 }
> > >
> > > I'll give the driver a whirl anyway.  If it doesn't, is it safe to write
> > > 'manc |= E1000_MANC_EN_MNG2HOST' for adapter->hw.mac.type >= e1000_82546?
> >
> > If you can test that would be useful.
>
> FWIW, the new driver doesn't disable RCMP filtering on this NIC. :(
>
> But, doing this to the new driver solves the immediate problem for me:
>
> diff -u -d -r1.3 e1000_82540.c
> --- e1000_82540.c       16 May 2007 00:14:23 -0000      1.3
> +++ e1000_82540.c       22 May 2007 11:21:02 -0000
> @@ -316,6 +316,7 @@
>         /* Disable HW ARPs on ASF enabled adapters */
>         manc = E1000_READ_REG(hw, E1000_MANC);
>         manc &= ~E1000_MANC_ARP_EN;
> +       manc &= ~(E1000_MANC_RMCP_EN | E1000_MANC_0298_EN);
>         E1000_WRITE_REG(hw, E1000_MANC, manc);
>
>         E1000_WRITE_REG(hw, E1000_IMC, 0xffffffff);
>
> If you can point me to the propper place or way to effect this.  I
> can see situations where someone would not want to turn this filtering
> off - if they have the IPMI daughterboard on their motherboard.

This is in shared code, so let me forward the issue to the owners of
same here and see what they say.

Cheers,

Jack

More information about the freebsd-current mailing list