I think I know where the source of the confusion stems from. In earlier
versions of netstat.c, the source indeed has a reference to promiscuous
mode. Here's netstat.c from net-tools-1.34.
if (ptr->flags == 0) printf(NLS_CATGETS(catfd, netstatSet,
netstat_noflags, "[NO FLAGS]"));
if (ptr->flags & IFF_ALLMULTI) printf("A");
if (ptr->flags & IFF_BROADCAST) printf("B");
if (ptr->flags & IFF_DEBUG) printf("D");
if (ptr->flags & IFF_LOOPBACK) printf("L");
if (ptr->flags & IFF_PROMISC) printf("M");
if (ptr->flags & IFF_NOTRAILERS) printf("N");
if (ptr->flags & IFF_NOARP) printf("O");
if (ptr->flags & IFF_POINTOPOINT) printf("P");
if (ptr->flags & IFF_RUNNING) printf("R");
if (ptr->flags & IFF_UP) printf("U");
And Redhat 7.2 is using net-tools-1.6, which I assume is where you got your
code snippet from.
--
Gene Lee
[EMAIL PROTECTED]
[EMAIL PROTECTED]
----- Original Message -----
From: "Paul Robertson" <[EMAIL PROTECTED]>
To: "Bruno Negr�o" <[EMAIL PROTECTED]>
Cc: "Gene Lee" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, February 20, 2002 5:43 PM
Subject: Re: netstat -i shows promiscuous mode!!
On Wed, 20 Feb 2002, [iso-8859-1] Bruno Negr�o wrote:
> Are you shure about what you're saying?
An interface needs to be in promiscuous mode to accept multicast traffic,
the declarations are in interface.c in the lib part of the net-tools
package:
if (ptr->flags == 0)
printf(_("[NO FLAGS]"));
if (ptr->flags & IFF_ALLMULTI)
printf("A");
if (ptr->flags & IFF_BROADCAST)
printf("B");
if (ptr->flags & IFF_DEBUG)
printf("D");
if (ptr->flags & IFF_LOOPBACK)
printf("L");
if (ptr->flags & IFF_MULTICAST)
printf("M");
#ifdef HAVE_DYNAMIC
if (ptr->flags & IFF_DYNAMIC)
printf("d");
#endif
if (ptr->flags & IFF_PROMISC)
printf("P");
if (ptr->flags & IFF_NOTRAILERS)
printf("N");
if (ptr->flags & IFF_NOARP)
printf("O");
if (ptr->flags & IFF_POINTOPOINT)
printf("P");
if (ptr->flags & IFF_SLAVE)
printf("s");
if (ptr->flags & IFF_MASTER)
printf("m");
if (ptr->flags & IFF_RUNNING)
printf("R");
if (ptr->flags & IFF_UP)
printf("U");
Use the Source Luke.
When in doubt, Open Source gives you the tools to check the validity of
anything by simply seeing what the program actually does- this is
preferable to taking someone's word for it, or questioning them when
they've offered a good faith answer and you're not sure. You should take
advantage of this oppertunity to validate behaviour.
> when I run "ifconfig -promisc eth0" the netstat -i continues to show the
M.
Man ifconfig?
(Hint, it's: "ifconfig interface [aftype] options | address" *NOT*
"ifconfig options [aftype] interface | address")
# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR
Flg
eth0 1500 0 273530 0 0 0 10533 56 0 0
BMRU
lo 16436 0 46 0 0 0 46 0 0 0
LRU
# ifconfig eth0 -promisc
# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR
Flg
eth0 1500 0 273569 0 0 0 10533 56 0 0
BRU
lo 16436 0 46 0 0 0 46 0 0 0
LRU
Works just fine for me- the interface is no longer in promiscuous mode,
and therefore can't accept multicast traffic.
Paul
----------------------------------------------------------------------------
-
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
