NIC acting promiscuously -- how to fix?
richw at richw.org
Tue Jan 25 10:43:03 PST 2005

I'm running 5.3-RELEASE-p5 on a system that is functioning as a
NAT router/firewall using "pf". It works just fine, but . . . .

The external (Internet) network connection is giving me incoming
traffic addressed to other users all over my neighborhood (not
just the packets intended for me). The external NIC (an Accton
MPX 5030/5038, handled via the "rl" driver) appears to be running
promiscuously; it's accepting all these incoming packets, whether
addressed to me or not.

The flags shown for the NIC by the "ifconfig" command are:

    rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500

Note that the PROMISC flag is =not= set, but the NIC seems to
be acting in a promiscuous fashion nevertheless.

Although my firewall (an old 800-MHz Athlon system) is able to
handle this extra load, I'd really like to configure it so that
the packets not intended for my site are silently dropped and
never seen by FreeBSD at all. (Aside from simple neatness, I'm
aware of the failings of the RealTek 8129/8139 and am hoping to
reduce overhead by filtering out the extraneous traffic before
the driver would see it.)

Any suggestions as to what I should do? Or is what I'm asking
simply impossible (and if so, why)? Thanks for any help.

Rich Wales richw at richw.org http://www.richw.org