Re: Same MAC address in 2 different VLANs
I think you maybe ok. Ive just looked at my esx config and the esx management interfaces use their own generated macs, not the physical interfaces ones. All the vms obviously use generated macs as well. However I only looked over it at a superficial level. Have you considered using a tap or spare phyical interface on your flex box and not linking it to the network? Thank you, that was a brilliant idea: Flex only needs that one interface, with the specific MAC, exists on the host, it does not specifically try to use that interface for managing licenses, so a tap hanging to nowhere is the solution. Best regards, Olivier On 19 July 2013 10:29, Olivier Nicole olivier.nic...@cs.ait.ac.th wrote: Hello, Could any one comment about the use of the same MAC address in 2 separate VLANs? All my machines are connected to 2 VLANs (one public and one private) with no routing in between the VLANs. I used to run a FLEX license manager to a physical machine. When I virtualized that service, I had to use the MAC address of that physical machine for the virtual machine (FLEX is linked to the MAc address and I coul dnot issue new license as licensed the pproduct is not supported anymore). The virtual NIC that has the old MAC address is connected to the public VLAN. Now I want to reuse the physical machine as a VMware server. Dell nor VMware offer a solution to change the MAC address (like ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the NIC with the incriminated MAC to the private VLAN. Most (if not all) my servers are FreeBSD. Most will access the virtual machine running FLEX and may access the VMware server also. The servers are not VLAN aware. Will this be an issue? Best regars, Olivier -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Same MAC address in 2 different VLANs
Hello, Could any one comment about the use of the same MAC address in 2 separate VLANs? All my machines are connected to 2 VLANs (one public and one private) with no routing in between the VLANs. I used to run a FLEX license manager to a physical machine. When I virtualized that service, I had to use the MAC address of that physical machine for the virtual machine (FLEX is linked to the MAc address and I coul dnot issue new license as licensed the pproduct is not supported anymore). The virtual NIC that has the old MAC address is connected to the public VLAN. Now I want to reuse the physical machine as a VMware server. Dell nor VMware offer a solution to change the MAC address (like ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the NIC with the incriminated MAC to the private VLAN. Most (if not all) my servers are FreeBSD. Most will access the virtual machine running FLEX and may access the VMware server also. The servers are not VLAN aware. Will this be an issue? Best regars, Olivier -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Same MAC address in 2 different VLANs
I think you maybe ok. Ive just looked at my esx config and the esx management interfaces use their own generated macs, not the physical interfaces ones. All the vms obviously use generated macs as well. However I only looked over it at a superficial level. Have you considered using a tap or spare phyical interface on your flex box and not linking it to the network? On 19 July 2013 10:29, Olivier Nicole olivier.nic...@cs.ait.ac.th wrote: Hello, Could any one comment about the use of the same MAC address in 2 separate VLANs? All my machines are connected to 2 VLANs (one public and one private) with no routing in between the VLANs. I used to run a FLEX license manager to a physical machine. When I virtualized that service, I had to use the MAC address of that physical machine for the virtual machine (FLEX is linked to the MAc address and I coul dnot issue new license as licensed the pproduct is not supported anymore). The virtual NIC that has the old MAC address is connected to the public VLAN. Now I want to reuse the physical machine as a VMware server. Dell nor VMware offer a solution to change the MAC address (like ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the NIC with the incriminated MAC to the private VLAN. Most (if not all) my servers are FreeBSD. Most will access the virtual machine running FLEX and may access the VMware server also. The servers are not VLAN aware. Will this be an issue? Best regars, Olivier -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Same MAC address in 2 different VLANs
Hello, Could any one comment about the use of the same MAC address in 2 separate VLANs? [...] Will this be an issue? You might run into problems if the two (virtual) systems are attached to a different port on your switch. Some switches don't take the vlan into account when learning on which port a mac address exists. These switches will see the mac address jumping between ports all the time. Joost. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
something wrong of ifconfig bridge0 addr - mac address appears on wrong interface
( untrust ) --- ( em0 , bridge0 , em1 ) --- ( trust ) Sometimes , I cannot connect to trust server from untrust. I log some information from ifconfig bridge0 addr. It seems some thing wrong of trust server's mac appear on em0. trust serv1's mac: 00:50:56:af:2e:43 trust serv2's mac: 00:50:56:af:75:63 STEP1: The serv2 is not shown in bridge addr. table tp-fw [~] -root- ifconfig bridge0 addr 00:50:56:af:2e:43 Vlan1 em1 1200 flags=0 64:9e:f3:06:52:03 Vlan1 em0 1192 flags=0 70:ca:9b:e3:a5:83 Vlan1 em0 1192 flags=0 70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0 STEP2: I ping the serv2's ip from untrust , and I got 100% packet loss. STEP3: show bridge addr. table again tp-fw [~] -root- ifconfig bridge0 addr 00:50:56:af:75:63 Vlan1 em0 1198 flags=0 00:50:56:af:2e:43 Vlan1 em1 1200 flags=0 64:9e:f3:06:52:03 Vlan1 em0 1150 flags=0 70:ca:9b:e3:a5:83 Vlan1 em0 1150 flags=0 70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0 OMG! It's wrong of the 00:50:56:af:75:63 is shown with em0 interface. STEP4: I ping the serv2's ip from tp-fw , and I got icmp reply. STEP5: show bridge addr. table again tp-fw [~] -root- ifconfig bridge0 addr 00:50:56:af:75:63 Vlan1 em1 1197 flags=0 00:50:56:af:2e:43 Vlan1 em1 1199 flags=0 64:9e:f3:06:52:03 Vlan1 em0 1170 flags=0 70:ca:9b:e3:a5:83 Vlan1 em0 1170 flags=0 70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0 The 00:50:56:af:75:63 is shown with em1 interface correctly. Why does STEP2 cause the wrong bridge addr table? How to solve it? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
On Sun, Jan 23, 2011 at 3:47 PM, John R. Levine jo...@iecc.com wrote: Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? # ifconfig em0 ether 01:17:a4:8f:04:5d Well, if it does not work it can be driver bug. In iwn case try to set MAC address of iwn before creating wlan or you will need to set same MAC on wlanX and iwn. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
On 01/25/11 01:14, Paul B Mahol wrote: On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com wrote: Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? # ifconfig em0 ether 01:17:a4:8f:04:5d Well, if it does not work it can be driver bug. In iwn case try to set MAC address of iwn before creating wlan or you will need to set same MAC on wlanX and iwn. Actually I can confirm that. I use lagg for failover, and I remember now you have to set the 'real' interface to the MAC of the other lagg member, not a 'psuedo-device' or it won't work. Same principle applies here. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
Is this a known problem? As far as I know, it's supposed to work. Well, if it does not work it can be driver bug. Well, yes, that's what I'm asking. Is it a known driver bug? In iwn case try to set MAC address of iwn before creating wlan or you will need to set same MAC on wlanX and iwn. Done that, doesn't help. Regards, John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies, Please consider the environment before reading this e-mail. http://jl.ly___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
Da Rock wrote: On 01/25/11 01:14, Paul B Mahol wrote: On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com wrote: Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? # ifconfig em0 ether 01:17:a4:8f:04:5d Well, if it does not work it can be driver bug. In iwn case try to set MAC address of iwn before creating wlan or you will need to set same MAC on wlanX and iwn. Actually I can confirm that. I use lagg for failover, and I remember now you have to set the 'real' interface to the MAC of the other lagg member, not a 'psuedo-device' or it won't work. Same principle applies here. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Ethernet MAC addresses are assigned by the manufacturer of the equipment. Each unit gets a unique address which generally can't be changed and shouldn't be changed. The manufacturer buys a block of addresses from the IEEE. Best regards, Fred ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
On Jan 24, 2011, at 10:44 AM, Fred wrote: Ethernet MAC addresses are assigned by the manufacturer of the equipment. Each unit gets a unique address which generally can't be changed and shouldn't be changed. The manufacturer buys a block of addresses from the IEEE. Yes, although folks can set the locally administered bit in the 6-byte MAC address instead of using globally administered addresses vendor-assigned blocks from IEEE OUI... Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
On 01/25/11 04:44, Fred wrote: Da Rock wrote: On 01/25/11 01:14, Paul B Mahol wrote: On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com wrote: Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? # ifconfig em0 ether 01:17:a4:8f:04:5d Well, if it does not work it can be driver bug. In iwn case try to set MAC address of iwn before creating wlan or you will need to set same MAC on wlanX and iwn. Actually I can confirm that. I use lagg for failover, and I remember now you have to set the 'real' interface to the MAC of the other lagg member, not a 'psuedo-device' or it won't work. Same principle applies here. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Ethernet MAC addresses are assigned by the manufacturer of the equipment. Each unit gets a unique address which generally can't be changed and shouldn't be changed. The manufacturer buys a block of addresses from the IEEE. Best regards, Fred Yes, but for lagg to work both adapters need the same MAC- otherwise routing wouldn't work properly (long story short). BTW, my wifi is iwn and I have had no trouble. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
On Sun, Jan 23, 2011 at 3:38 AM, John Levine jo...@iecc.com wrote: My Lenovo laptop running 8.1 has two ordinary Intel network adapters, a wired PRO/1000 with the em driver and a WiFi PRO/Wireless 5300 with the iwn driver. They work fine, but for either one if I use ifconfig to change the MAC address, the adapter won't actually work until I change the address back to the native one. Typical symptoms are endless DHCP queries with no response. Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Changing the MAC address on a LAN adapter
Is this a known problem? As far as I know, it's supposed to work. How you change MAC address? With ether command? # ifconfig em0 ether 01:17:a4:8f:04:5d Regards, John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies, Please consider the environment before reading this e-mail. http://jl.ly___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Changing the MAC address on a LAN adapter
My Lenovo laptop running 8.1 has two ordinary Intel network adapters, a wired PRO/1000 with the em driver and a WiFi PRO/Wireless 5300 with the iwn driver. They work fine, but for either one if I use ifconfig to change the MAC address, the adapter won't actually work until I change the address back to the native one. Typical symptoms are endless DHCP queries with no response. Is this a known problem? As far as I know, it's supposed to work. R's, John PS: If you were wondering, obnoxious airport wifi that cuts you off after an hour and won't let you back on until the next day, keyed by MAC address. em0: Intel(R) PRO/1000 Network Connection 7.0.5 port 0x1840-0x185f mem 0xf260-0xf261,0xf2625000-0xf2625fff irq 20 at device 25.0 on pci0 em0: Using MSI interrupt iwn0: Intel(R) PRO/Wireless 5300 mem 0xf250-0xf2501fff irq 17 at device 0.0 on pci3 iwn0: MIMO 3T3R, MoW, address 00:21:6a:b5:18:48 iwn0: [ITHREAD] iwn0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps iwn0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps iwn0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
change MAC address for PPPoE connection
Hello I'm using PPPoE link to connect to the INTERNET. my problem is that I have to change my MAC address for my night time link. I do that using ifconfig command before connecting the night link: *killall ppp ifconfig cdce0 ether 2a:00:00:00:00:00 ppp -ddial adslnight* cdce0 is the interface connected to the ADSL modem. command will change the MAC address on the interface but PPP still uses the old MAC (I can see it over tcpdump). I think it's some cache or something that keeps the old MAC. please help me, I couldn't find anything related on-line. my ppp.conf: *adsl: set log Phase tun command set redial 99 3 set device PPPoE:cdce0 set authname UserName set authkey Password set dial set login add default HISADDR adslnight: set log Phase tun command set redial 99 3 set device PPPoE:cdce0 set authname NightUserName set authkey NightPassword set dial set login add default HISADDR* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW with MAC address configuration
In freebsd-questions Digest, Vol 321, Issue 12, Message: 31 On Fri, 30 Jul 2010 07:18:40 -0400 Carmel carmel...@hotmail.com wrote: I am trying to set up a rule using IPFW that utilizes a MAC address rather than an IP one. ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup keep-state Would that work, assuming the machine I want to allow access has that MAC address? It's not quite that simple. If you need to examine MAC addresses or anything else at layer 2 you first have to set net.link.ether.ipfw=1 Controls whether layer-2 packets are passed to ipfw. Default is no. Then you'll see all packets from ether_demux and ether_output_frame as well as the usual layer 3 packets (ie after layer2 headers are removed) from ip_input and ip_output. Read the PACKET FLOW section in ipfw(8) for what you need to do to first separate layer2 and layer3 packets, as testing for layer2 options like MAC obviously fails on layer3 packets. Even after separating out the layer2 flows I'm not sure whether you can use keep-state with such rules. And anyway, port 137 (netbios-ns) is a UDP service, not TCP. Is this to do with Samba, or what? Please cc me on any reply; I'm subscribed to questions as a -digest which can take half a day, and the threading gets mangled. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
IPFW with MAC address configuration
I am trying to set up a rule using IPFW that utilizes a MAC address rather than an IP one. ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup keep-state Would that work, assuming the machine I want to allow access has that MAC address? -- Carmel ✌ carmel...@hotmail.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW with MAC address configuration
On 07/30/2010 01:18 PM, Carmel wrote: I am trying to set up a rule using IPFW that utilizes a MAC address rather than an IP one. ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup keep-state Would that work, assuming the machine I want to allow access has that MAC address? According to the manual (man ipfw) I guess the rule would something like: ipfw add 1000 allow log tcp MAC any 00:14:A4:43:8E:BA/33 to me 137 in via nfe0 setup keep-state From the manual: { MAC | mac } dst-mac src-mac Match packets with a given dst-mac and src-mac addresses, speci- fied as the any keyword (matching any MAC address), or six groups of hex digits separated by colons, and optionally followed by a mask indicating the significant bits. The mask may be specified using either of the following methods: 1. A slash (/) followed by the number of significant bits. For example, an address with 33 significant bits could be specified as: MAC 10:20:30:40:50:60/33 any 2. An ampersand () followed by a bitmask specified as six groups of hex digits separated by colons. For example, an address in which the last 16 bits are significant could be specified as: MAC 10:20:30:40:50:6000:00:00:00:ff:ff any Note that the ampersand character has a special meaning in many shells and should generally be escaped. Note that the order of MAC addresses (destination first, source second) is the same as on the wire, but the opposite of the one used for IP addresses. DISCLAIMER: This e-mail is for the intended recipient(s) only. Access, disclosure, copying, distribution or reliance on any of it by anyone else is prohibited. If you have received it by mistake please let us know by reply and then delete it from your system. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW with MAC address configuration
On 07/30/2010 01:18 PM, Carmel wrote: I am trying to set up a rule using IPFW that utilizes a MAC address rather than an IP one. ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup keep-state Would that work, assuming the machine I want to allow access has that MAC address? According to the manual (man ipfw) I guess the rule would something like: ipfw add 1000 allow log tcp MAC any 00:14:A4:43:8E:BA/33 to me 137 in via nfe0 setup keep-state To match this mac address exactly it should have MAC any 00:14:A4:43:8E:BA/48 I'm not sure about this DISCLAIMER: This e-mail is for the intended recipient(s) only. Access, disclosure, copying, distribution or reliance on any of it by anyone else is prohibited. If you have received it by mistake please let us know by reply and then delete it from your system. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: yikes! MAC address changed ??
Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 too close to each other for comfort. My obvious concern here is that the recent php compromises somehow allowed an attacker to alter the ARP table entry of the default gateway. Specific questions are as follows: 1) If this were done via a perl or php script, presumably executing an 'arp -s' command, would it show up in the log like that? I've never changed an ARP entry (except to delete it using 'arp -d'), so I've only seen log entries like that due to external changes, like somebody changing IPs on the LAN from one Ether to another. 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? 3) If this was an attacker using a local script, how the hell does he get a php or perl script owned by UID 80 (or worst case, a user), to do this? Thanks again for any insight...appreciate a reply to both list and directly. On Wed, 10 Feb 2010, James Smallacombe wrote: Please disregard this...sleep deprication...the IP in questions (which I should have disfuised anyway) was not my server's IP, but that of the default gateway...the problem was external. On Wed, 10 Feb 2010, James Smallacombe wrote: This freaked me out a bit, so I'm just running it past the list to make sure this is just a hardware issue...I've never seen it before. My dedicated server provider replaced my defective server that had been up for 6 months after it had apparent failures of a NIC and hard drives. It had also recently been the victim of the Zen Cart exploits (I posted about this not long ago). Tonight I lost connectivity to it, got in via KVM/IP and saw this in the syslog: Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 on re0 My first reaction was that somebody else on the LAN had used my IP address, which would have explained the connectivity issues. However, the IP couldn't be pinged and I also noticed that only one number in the address had changed...the odds of somebody else having it were long. ifconfig showed the I/F down, no carrier. I rebooted and then it came up with yet a third MAC address, 00:14:d1:3c:1e:31 Not really even close. Still no carrier. Provider swaps out the Realtek NIC for a new one and it's working (for now). Questions that come to mind: could their be a DoS perhaps from a bot or c99shell I didn't find? Even if their was, would it be possible for the www user, with no priveleges to even cause this kind of problem? I had disabled suhosin after customers patched their Zen Carts, because it interfered with it. Or...could this be a bug in the re0 driver? It's just weird. James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: yikes! MAC address changed ??
On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 too close to each other for comfort. My obvious concern here is that the recent php compromises somehow allowed an attacker to alter the ARP table entry of the default gateway. Specific questions are as follows: They're not just close: it's a single bit change between the two MACs 1) If this were done via a perl or php script, presumably executing an 'arp -s' command, would it show up in the log like that? I've never changed an ARP entry (except to delete it using 'arp -d'), so I've only seen log entries like that due to external changes, like somebody changing IPs on the LAN from one Ether to another. You'ld need root level access to change something like that, no matter if it was from the shell or via some scripting language. If an attacker has the capability to do that to you, then it's *game* *over* -- wipe the box and start again. Of course, that's a pretty bizarre thing for an attacker to do. It draws attention to itself by disrupting your network communications and there isn't any obvious advantage to be gained by doing that. [There might be if the MAC was changed to collide with another one on the same network segment but I believe that is not the case here.] It's not 'arp -s' that is used to change the MAC address on an interface, but ifconfig(8) -- something like this: # ifconfig re0 ether 00:17:e0:4f:b9:c0 In fact, you can use this to help diagnose your potential hardware problem. Try changing the 2nd byte of the MAC to some other arbitrary values. If you find that 0x4 bit always toggled to zero, it's pretty definitively a hardware problem. Note: log into the console or via different network interface befre trying this or you'll kick yourself off the machine. 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? Yes -- this is the most likely cause. Hardware problems. The MAC address is built into the network card using an EEPROM or such like, and those can conceivably go bad. Replace the NIC and see if the problems go away. 3) If this was an attacker using a local script, how the hell does he get a php or perl script owned by UID 80 (or worst case, a user), to do this? You don't. You need root access to change the MAC on a network interface. Same as for changing the IP number on the interface. Check /etc/rc.conf -- if there aren't ifconfig commands in there to modify the ether or link address, and if the modified MAC survives a system reboot, then it's almost certainly hardware going kaput. Even if the MAC does recover on reboot, it still might be flakey hardware. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard, Flat 3 Black Earth Consulting Ramsgate Kent, CT11 9PW Free and Open Source Solutions Tel: +44 (0)1843 580647 signature.asc Description: OpenPGP digital signature
Re: yikes! MAC address changed ??
On Thu, 11 Feb 2010, Matthew Seaman wrote: On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 too close to each other for comfort. My obvious concern here is that the recent php compromises somehow allowed an attacker to alter the ARP table entry of the default gateway. Specific questions are as follows: They're not just close: it's a single bit change between the two MACs 1) If this were done via a perl or php script, presumably executing an 'arp -s' command, would it show up in the log like that? I've never changed an ARP entry (except to delete it using 'arp -d'), so I've only seen log entries like that due to external changes, like somebody changing IPs on the LAN from one Ether to another. You'ld need root level access to change something like that, no matter if it was from the shell or via some scripting language. If an attacker has the capability to do that to you, then it's *game* *over* -- wipe the box and start again. Of course, that's a pretty bizarre thing for an attacker to do. It draws attention to itself by disrupting your network communications and there isn't any obvious advantage to be gained by doing that. [There might be if the MAC was changed to collide with another one on the same network segment but I believe that is not the case here.] I figure root at some point is needed, but wondered if there was another POA I had to worry about. In effect, I already wiped out this server a few days ago...new drives with new / FS from 7.2-RELEASE. However, I did copy over /usr/local and /home file systems from the old server's drive, and parts of /var. Everything in / (including /usr) is fresh. It's not 'arp -s' that is used to change the MAC address on an interface, but ifconfig(8) -- something like this: # ifconfig re0 ether 00:17:e0:4f:b9:c0 See my second post. I screwed up in my first post. It wasn't the MAC address of my NIC that changed, it's the MAC address of the DEFAULT GATEWAY that changed. I believe that would use 'arp', not 'ifconfig', right? 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? Yes -- this is the most likely cause. Hardware problems. The MAC address is built into the network card using an EEPROM or such like, and those can conceivably go bad. Replace the NIC and see if the problems go away. Ok, longer shot here...could a hardware problem on my box screw up the MAC address of the default gateway? It should be noted that when I did and ifconfig -a during this down time, the Ether showed no carrier. Could messed up ARP tables even do that? I would think that the carrier just needs a cable plugged from the NIC into a switch? 3) If this was an attacker using a local script, how the hell does he get a php or perl script owned by UID 80 (or worst case, a user), to do this? You don't. You need root access to change the MAC on a network interface. Same as for changing the IP number on the interface. Check /etc/rc.conf -- if there aren't ifconfig commands in there to modify the ether or link address, and if the modified MAC survives a system reboot, then it's almost certainly hardware going kaput. Even if the MAC does recover on reboot, it still might be flakey hardware. Still had no carrier after reboot. Only after swapping the NIC. Does a reboot wipe out the ARP tables? James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: yikes! MAC address changed ??
On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 If it wasnt for the 00:17 to 00:13 change I would suggest that it was a HSRP/VRRP change, (Virtual ip used by 2 routers in a fail over fashion) as I see this message often on one of my boxes which are on a LAN with a pair of ZXTM Load balancers, when one moves from active to passive and the other takes over (at least I assume thats what they are doing as apparently they arent running active-active.) arp: 85.233.xxx.xxx moved from 00:30:48:d4:8c:2a to 00:30:48:d4:8e:86 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:86 to 00:30:48:d4:8c:2a on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8c:2a to 00:30:48:d4:8e:86 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:86 to 00:30:48:d4:8c:2a on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8b:c9 to 00:30:48:d4:8e:d1 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:d1 to 00:30:48:d4:8b:c9 on em0 However in your case, while 00:17:E0 is reasonable (a cisco mac address) 00:13:E0 is a little worrying as apparently its a Murata Manufacturing(whoever they are) mac address (see http://www.coffer.com/mac_find/?string=00%3A13%3Ae0%3A4f%3Ab9%3Ac0) you can check if its a static entry in your arp tables using arp -a | grep permanent The only permanent entries should be your local IPs (whatever you have configured on your interfaces) unless you have any others you have put in yourself. so for my server i have r...@seaurchin ~]# arp -a | grep permanent seaurchin.the.namesco.net (85.233.xxx.xxx) at 00:11:43:d8:2c:df on em0 permanent [ethernet] ? (10.20.0.3) at 00:11:43:d8:2c:df on em0 permanent [ethernet] (10.20.0.3 is a jail) If i manually add an arp entry [r...@seaurchin ~]# arp -s 85.233.xxx.254 00:30:48:b8:55:ff [r...@seaurchin ~]# arp -a | grep permanent ? (85.233.xxx.254) at 00:30:48:b8:55:ff on em0 permanent [ethernet] seaurchin.the.namesco.net (85.233.xxx.xxx) at 00:11:43:d8:2c:df on em0 permanent [ethernet] ? (10.20.0.3) at 00:11:43:d8:2c:df on em0 permanent [ethernet] Hope this helps a little. Vince too close to each other for comfort. My obvious concern here is that the recent php compromises somehow allowed an attacker to alter the ARP table entry of the default gateway. Specific questions are as follows: 1) If this were done via a perl or php script, presumably executing an 'arp -s' command, would it show up in the log like that? I've never changed an ARP entry (except to delete it using 'arp -d'), so I've only seen log entries like that due to external changes, like somebody changing IPs on the LAN from one Ether to another. 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? 3) If this was an attacker using a local script, how the hell does he get a php or perl script owned by UID 80 (or worst case, a user), to do this? Thanks again for any insight...appreciate a reply to both list and directly. On Wed, 10 Feb 2010, James Smallacombe wrote: Please disregard this...sleep deprication...the IP in questions (which I should have disfuised anyway) was not my server's IP, but that of the default gateway...the problem was external. On Wed, 10 Feb 2010, James Smallacombe wrote: This freaked me out a bit, so I'm just running it past the list to make sure this is just a hardware issue...I've never seen it before. My dedicated server provider replaced my defective server that had been up for 6 months after it had apparent failures of a NIC and hard drives. It had also recently been the victim of the Zen Cart exploits (I posted about this not long ago). Tonight I lost connectivity to it, got in via KVM/IP and saw this in the syslog: Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 on re0 My first reaction was that somebody else on the LAN had used my IP address, which would have explained the connectivity issues. However, the IP couldn't be pinged and I also noticed that only one number in the address had changed...the odds of somebody else having it were long. ifconfig showed the I/F down, no carrier. I rebooted and then it came up with yet a third MAC address, 00:14:d1:3c:1e:31 Not really even close. Still no carrier. Provider swaps out the Realtek NIC for a new one and it's working (for now). Questions that come to mind: could their be a DoS perhaps from a bot or c99shell I didn't find? Even if their was, would it be possible for the www user, with no priveleges to even cause this kind of problem? I had disabled suhosin after customers patched their Zen Carts, because it interfered with it. Or...could this be a bug
Re: yikes! MAC address of default gateway changed ??
Hi: Please reply-all ; I am not subscribed On Thu, 11 Feb 2010, Vince Hoffman wrote: On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 However in your case, while 00:17:E0 is reasonable (a cisco mac address) 00:13:E0 is a little worrying as apparently its a Murata Manufacturing(whoever they are) mac address (see http://www.coffer.com/mac_find/?string=00%3A13%3Ae0%3A4f%3Ab9%3Ac0) Well, that rules out anything by the provider. you can check if its a static entry in your arp tables using arp -a | grep permanent The only permanent entries should be your local IPs (whatever you have configured on your interfaces) unless you have any others you have put in yourself. so for my server i have r...@seaurchin ~]# arp -a | grep permanent seaurchin.the.namesco.net (85.233.xxx.xxx) at 00:11:43:d8:2c:df on em0 permanent [ethernet] ? (10.20.0.3) at 00:11:43:d8:2c:df on em0 permanent [ethernet] Obviously the ARP entry is long gone now and I don't recall if it was permanent or not. It just leaves a couple of questions: If it was caused by a malicious arp command on my server, wouldn't a reboot have gotten rid of it? Would it also result in a NO CARRIER on the interface? Network did not come back until the Ethernet card was swapped. The bottom line is whether it is possible for a NIC failure to cause the kernel to register an ARP change. Thanks again to everyone... James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: yikes! MAC address changed ??
On 11/02/2010 12:22, James Smallacombe wrote: It's not 'arp -s' that is used to change the MAC address on an interface, but ifconfig(8) -- something like this: # ifconfig re0 ether 00:17:e0:4f:b9:c0 See my second post. I screwed up in my first post. It wasn't the MAC address of my NIC that changed, it's the MAC address of the DEFAULT GATEWAY that changed. I believe that would use 'arp', not 'ifconfig', right? Ah, right. Please ignore my previous bletherings. Had wrong end of stick. 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? Yes -- this is the most likely cause. Hardware problems. The MAC address is built into the network card using an EEPROM or such like, and those can conceivably go bad. Replace the NIC and see if the problems go away. Ok, longer shot here...could a hardware problem on my box screw up the MAC address of the default gateway? It should be noted that when I did and ifconfig -a during this down time, the Ether showed no carrier. Could messed up ARP tables even do that? I would think that the carrier just needs a cable plugged from the NIC into a switch? I still think it's probably hardware. The question is: duff router or duff server? A good test is to see what happens to another box on the same network segment. If there's another machine already there that will do, or try plugging in a laptop configured with a spare IP and the correct default gateway. Then try pinging around other addresses on the network, and beyond your gateway box. If this third machine: * can ping the world successfully, and gets the original (correct) mac address -- then your server is where the problem is * can ping the world successfully, but gets the changed mac address -- then your router has somehow changed mac: whether deliberately, by operator accident or by hardware flaking out. In which case, you can leave everything running with the changed mac for the time being while you concentrate on dealing with the router. * can't ping the default gateway or ping through it, but can ping other machines on the local net, irrespective of what MAC it picks up for the default gateway. -- then the router is fubar. At best it is responding to ARP requests with a corrupt MAC address and can be cured by a reboot or similar. At worst, it needs expensive replacement therapy. You can't change the MAC address on the router by fiddling with arp(8) on your server. You can however terminally confuse your server as to what the MAC address of the router really is, and you can make mayhem by creating an arp conflict and having your machine usurp the router's mac address. Best not to do either of those things. Just let the arp table be populated automatically. Unless marked as permanent, addresses in the arp cache will time out and be refreshed once they reach the maximum age: % sysctl net.link.ether.inet.max_age net.link.ether.inet.max_age: 1200 which equates to 20 minutes. So if you simply wait, it will frequently sort itself out. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard, Flat 3 Black Earth Consulting Ramsgate Kent, CT11 9PW Free and Open Source Solutions Tel: +44 (0)1843 580647 signature.asc Description: OpenPGP digital signature
Re: yikes! MAC address of default gateway changed ??
On 11/02/2010 14:28, James Smallacombe wrote: If it was caused by a malicious arp command on my server, wouldn't a reboot have gotten rid of it? Would it also result in a NO CARRIER on the interface? Network did not come back until the Ethernet card was swapped. The bottom line is whether it is possible for a NIC failure to cause the kernel to register an ARP change. Yes. Getting 'NO CARRIER' all of a sudden after the NIC has been behaving weirdly looks very much like hardware spiralling into oblivion and not enemy action. Having a corrupted arp cache is also likely a symptom of hardware going bad. NIC failure can have the observed results, and it's quite likely that on reboot the NIC would fail to work entirely in that situation. Actually, one thing it's always a good idea to test in these circumstances is that it's not a broken or loose ethernet cable. This can cause all sorts of similar weirdness, but it's a lot easier and cheaper to fix. I've seen the like sort of problems just from people pulling cable ties too tight. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard, Flat 3 Black Earth Consulting Ramsgate Kent, CT11 9PW Free and Open Source Solutions Tel: +44 (0)1843 580647 signature.asc Description: OpenPGP digital signature
Mac address changed ??
This freaked me out a bit, so I'm just running it past the list to make sure this is just a hardware issue...I've never seen it before. My dedicated server provider replaced my defective server that had been up for 6 months after it had apparent failures of a NIC and hard drives. It had also recently been the victim of the Zen Cart exploits (I posted about this not long ago). Tonight I lost connectivity to it, got in via KVM/IP and saw this in the syslog: Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 on re0 My first reaction was that somebody else on the LAN had used my IP address, which would have explained the connectivity issues. However, the IP couldn't be pinged and I also noticed that only one number in the address had changed...the odds of somebody else having it were long. ifconfig showed the I/F down, no carrier. I rebooted and then it came up with yet a third MAC address, 00:14:d1:3c:1e:31 Not really even close. Still no carrier. Provider swaps out the Realtek NIC for a new one and it's working (for now). Questions that come to mind: could their be a DoS perhaps from a bot or c99shell I didn't find? Even if their was, would it be possible for the www user, with no priveleges to even cause this kind of problem? I had disabled suhosin after customers patched their Zen Carts, because it interfered with it. Or...could this be a bug in the re0 driver? It's just weird. James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Mac address changed ??
Please disregard this...sleep deprication...the IP in questions (which I should have disfuised anyway) was not my server's IP, but that of the default gateway...the problem was external. On Wed, 10 Feb 2010, James Smallacombe wrote: This freaked me out a bit, so I'm just running it past the list to make sure this is just a hardware issue...I've never seen it before. My dedicated server provider replaced my defective server that had been up for 6 months after it had apparent failures of a NIC and hard drives. It had also recently been the victim of the Zen Cart exploits (I posted about this not long ago). Tonight I lost connectivity to it, got in via KVM/IP and saw this in the syslog: Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 on re0 My first reaction was that somebody else on the LAN had used my IP address, which would have explained the connectivity issues. However, the IP couldn't be pinged and I also noticed that only one number in the address had changed...the odds of somebody else having it were long. ifconfig showed the I/F down, no carrier. I rebooted and then it came up with yet a third MAC address, 00:14:d1:3c:1e:31 Not really even close. Still no carrier. Provider swaps out the Realtek NIC for a new one and it's working (for now). Questions that come to mind: could their be a DoS perhaps from a bot or c99shell I didn't find? Even if their was, would it be possible for the www user, with no priveleges to even cause this kind of problem? I had disabled suhosin after customers patched their Zen Carts, because it interfered with it. Or...could this be a bug in the re0 driver? It's just weird. James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = James Smallacombe PlantageNet, Inc. CEO and Janitor u...@3.am http://3.am = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Blocking traffic by Mac address using IPFW
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 25 Jan 2007 08:22:17 -0600 Kevin Kinsey [EMAIL PROTECTED] wrote: Tek Bahadur Limbu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear All, I need some help regarding using IPFW to block specific MAC addresses. How do I block incoming traffic by a MAC address instead of an IP address. Can this be done using IPFW? Since I am quite new to FreeBSD, can somebody shed some light on this issue? Yes, it appears that ipfw(8) can do this --- check the manpage (quite a ways down, in the RULE OPTIONS section [ about byte 45000] for full details; note also that there may be other issues involved. Here is a short thread on the subject from a couple of years ago: http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-September/001375.html Disclaimer: IANAE, and don't play one on television ;-) HTH, Kevin Kinsey -- Heisenberg may have been here. Dear Kevin, Thanks. I am looking at the links you provided. - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFvDTfVrOl+eVhOvYRAr8+AJ9cRvI687IxBsQwMsoW+gDRBvxUcwCfV8ed RjZgBkI1c0m8SlB6cE3jJho= =PIHo -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Blocking traffic by Mac address using IPFW
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear All, I need some help regarding using IPFW to block specific MAC addresses. How do I block incoming traffic by a MAC address instead of an IP address. Can this be done using IPFW? Since I am quite new to FreeBSD, can somebody shed some light on this issue? - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFuH/RVrOl+eVhOvYRAhdCAJwLVoPRkuw1gTXosLDsIC0HQUsoYgCeK402 90HvaqCMIcg9T7GzGl1PlDs= =7Mft -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Blocking traffic by Mac address using IPFW
Tek Bahadur Limbu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear All, I need some help regarding using IPFW to block specific MAC addresses. How do I block incoming traffic by a MAC address instead of an IP address. Can this be done using IPFW? Since I am quite new to FreeBSD, can somebody shed some light on this issue? Yes, it appears that ipfw(8) can do this --- check the manpage (quite a ways down, in the RULE OPTIONS section [ about byte 45000] for full details; note also that there may be other issues involved. Here is a short thread on the subject from a couple of years ago: http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-September/001375.html Disclaimer: IANAE, and don't play one on television ;-) HTH, Kevin Kinsey -- Heisenberg may have been here. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to get MAC address using C program
Could you exec() ifconfig? On 5/30/06, girish girishlc [EMAIL PROTECTED] wrote: Pls any body tell me how to find out a MAC address in a program, Because I want to generate pseudo random number of IP address of some range for that MAC address and IP range will be the input and it should give IP address according to MAC address as a seed , but if I use difft MAC address (i,e for difft host ) it should give difft IP address, But if I give first MAC address it should give the same old IP address, So pls send me answer as soon as possible code in C and also if possible ALGORITHMS pls its very urgent Thank you, Regards Girish.L.C [EMAIL PROTECTED] - Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail Beta. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to get MAC address using C program
On Wed, 31 May 2006 07:43:44 -0400 Jim Stapleton [EMAIL PROTECTED] wrote: Could you exec() ifconfig? at the risk of stating the bleeding obvious, maybe checking the code in ifconfig would show exactly what the original poster asked... you gotta love OpenSource ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How to get MAC address using C program
Pls any body tell me how to find out a MAC address in a program, Because I want to generate pseudo random number of IP address of some range for that MAC address and IP range will be the input and it should give IP address according to MAC address as a seed , but if I use difft MAC address (i,e for difft host ) it should give difft IP address, But if I give first MAC address it should give the same old IP address, So pls send me answer as soon as possible code in C and also if possible ALGORITHMS pls its very urgent Thank you, Regards Girish.L.C [EMAIL PROTECTED] - Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail Beta. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mac address in install.cfg
Hi, I am doing network installs of FreeBSD 6.0 and I want to place the install files in a directory that depends on the mac address of the server being installed. In install.cfg I want to specify something like nfs=10.0.0.1:/var/net_install/files/$MAC_ADDRESS mediaSetNFS package=db42-4.2.52_4 packageAdd Where the target server substitutes $MAC_ADDRESS at install time. Can anyone think of a way of doing this? Thanks John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
changing a nic's mac address, freebsd6
Hello, I've got an rl0 nic on a freebsd6 machine that i need to change it's mac address on a tempoary basis. I will want to change it back when my testing is complete. I read this was feasible with opbnbsd, and was wondering if the capability was available in fbsd6? Also, does it matter which tempoary mac address i give the card? Thanks. Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing a nic's mac address, freebsd6
Dave [EMAIL PROTECTED] wrote: I've got an rl0 nic on a freebsd6 machine that i need to change it's mac address on a tempoary basis. I will want to change it back when my testing is complete. I read this was feasible with opbnbsd, and was wondering if the capability was available in fbsd6? Also, does it matter which tempoary mac address i give the card? You can use ifconfig rl0 ether $NEWMAC to change the mac address, ether has been around for a while and doesn't require FreeBSD 6.x. You're free to choose any address you like, but most of the time taking a free one (not already taken in your network) makes sense. Fabian -- http://www.fabiankeil.de/ signature.asc Description: PGP signature
Re: changing a nic's mac address, freebsd6
On Wed, Apr 19, 2006 at 08:33:53AM -0400, Dave wrote: Hello, I've got an rl0 nic on a freebsd6 machine that i need to change it's mac address on a tempoary basis. I will want to change it back when my testing is complete. I read this was feasible with opbnbsd, and was wondering if the capability was available in fbsd6? Also, does it matter which tempoary mac address i give the card? Presumably if one needed to change a MAC address one would already know the MAC address one needed to change to. Otherwise make sure you are not using an address currently in use on your network or the next router over. Probably best to increment your current MAC by one. Once Upon A Time I initialized a cable modem connection at a remote office using my Mac PowerBook then replaced it with a FreeBSD machine dedicated to serve as that office's router, firewall, and VPN gateway. Rather than reinitialize the cable modem service with the FreeBSD interface's MAC I left it using my PowerBook's MAC. The detriment was I could no longer use my PowerBook in that office because it confused the FreeBSD machine which saw another using its MAC address. To set the MAC address before any other networking starts (such as DHCP) create /etc/start_if.interface name #/bin/sh ifconfig interface name lladdr 00:11:22:33:44:55 If you make up an address the first octet probably should be 0 as there are bits in that field which have special meaning. -- David Kelly N4HHE, [EMAIL PROTECTED] Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing a nic's mac address, freebsd6
Dave, On 4/19/06, Dave [EMAIL PROTECTED] wrote: Hello, I've got an rl0 nic on a freebsd6 machine that i need to change it's mac address on a tempoary basis. You can do this with ifconfig and the link parameter. i.e # /sbin/ifconfig rl0 link $NEWMACADDRESS cheers, Anth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
repeated mac address
Hi: I have some Intel pro cards and all show up mac addresses as either 00:a4:c0:91:d2:9c or 00:b4:c0:91:d2:9c under freebsd 5.x. why is that? Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: repeated mac address
On 3/11/06, gahn [EMAIL PROTECTED] wrote: Hi: I have some Intel pro cards and all show up mac addresses as either 00:a4:c0:91:d2:9c or 00:b4:c0:91:d2:9c under freebsd 5.x. why is that? These do not seem to even belong to Intel. Either the cards have been hacked or you have some startup script changing the MACs somehow. You might want to try the NICs on a different machine. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fwd: How does carp computes the MAC address of the a certain Virtual IP?
Mark Jayson Alvarez wrote: How does carp computes the MAC address of the a certain Virtual IP? Perhaps I can set up a route for the virtual IP address manually because the kernel keeps on complaining: arp_trequest: bad gateway (!AF_LINK). This is weired because my carp setup is working for the past 4 days and it suddenly stopped with the above error. CARP assigns a special MAC address to the virtual IP: eg. from one of the HA firewall setups we manage at work: 00:00:5e:00:01:05 The last byte (05 in this case) is set to the VHID parameter you put on the ifconfig line to initialise the carpN interface -- eg. ifconfig carp0 inet 12.34.56.78 255.255.255.0 12.34.56.255 vhid 5 pass notTellingYou advskew 1 ^^^ If you have several pairs of systems on the same network all using carp, you need to ensure that they all use distinct vhid values or else chaos will ensue. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. Flat 3 7 Priory Courtyard PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW, UK ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: How does carp computes the MAC address of the a certain Virtual IP?
Mark Jayson Alvarez [EMAIL PROTECTED] wrote: Date: Sun, 4 Dec 2005 15:59:39 -0800 (PST) From: Mark Jayson Alvarez [EMAIL PROTECTED] To: freebsd-net@freebsd.org Subject: How does carp computes the MAC address of the a certain Virtual IP? Hi, How does carp computes the MAC address of the a certain Virtual IP? Perhaps I can set up a route for the virtual IP address manually because the kernel keeps on complaining: arp_trequest: bad gateway (!AF_LINK). This is weired because my carp setup is working for the past 4 days and it suddenly stopped with the above error. Any idea? Thanks - Yahoo! Personals Skip the bars and set-ups and start using Yahoo! Personals for free ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: How does carp computes the MAC address of the a certain Virtual IP?
Mark Jayson Alvarez [EMAIL PROTECTED] wrote: Date: Sun, 4 Dec 2005 15:59:39 -0800 (PST) From: Mark Jayson Alvarez [EMAIL PROTECTED] To: freebsd-net@freebsd.org Subject: How does carp computes the MAC address of the a certain Virtual IP? Hi, How does carp computes the MAC address of the a certain Virtual IP? Perhaps I can set up a route for the virtual IP address manually because the kernel keeps on complaining: arp_trequest: bad gateway (!AF_LINK). This is weired because my carp setup is working for the past 4 days and it suddenly stopped with the above error. Any idea? Thanks - Yahoo! Personals Let fate take it's course directly to your email. See who's waiting for you Yahoo! Personals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw: ALLOWing by mac address
Hello all, I'd like your feedback on a problem I have with allowing access through the ipfw firewall via mac addresses. Andrew has a good point on mac address spoofing. I agree with him on the security concern, but for the situation that I am setting up, that's ok. But I really need to open the firewall via mac address. Let me detail my setup: dc0 is the interface to the Internet vr0 is the interface to the managed network I tried to read up on ipfw rules on mac, and I got something like this: allow ip from any to any MAC any 00:90:d1:00:80:00/33 It does not work of course, but ipfw accepted the command. Basically I need the client with the mac address to be able to go pass the firewall in totality. Can anyone enlighten me on the correct format? Thanks in advance. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw: ALLOWing by mac address
On 10/5/05, Foo Ji-Haw [EMAIL PROTECTED] wrote: Hello all, I'd like your feedback on a problem I have with allowing access through the ipfw firewall via mac addresses. Andrew has a good point on mac address spoofing. I agree with him on the security concern, but for the situation that I am setting up, that's ok. But I really need to open the firewall via mac address. Let me detail my setup: dc0 is the interface to the Internet vr0 is the interface to the managed network I tried to read up on ipfw rules on mac, and I got something like this: allow ip from any to any MAC any 00:90:d1:00:80:00/33 It does not work of course, but ipfw accepted the command. Basically I need the client with the mac address to be able to go pass the firewall in totality. Can anyone enlighten me on the correct format? Thanks in advance. Thanks for the credit :-) see man ipfw, particularly the PACKET FLOW section Try this: allow ip from any to any layer2 out MAC any 00:90:d1:00:80:00/33 allow ip from any to any layer2 in MAC 00:90:d1:00:80:00/33 any allow ip from any to any layer2 via trusted-if deny ip from any to any layer2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address rc.conf
a better solution to this is to call your isp and tell them your network card died so you got a new one with MAC address of the freebsd machine. they can reset the MAC they have on their end and you'll be alright. also, sometimes the modem is storing the MAC so you can either reset it if it has a switch or power it down for about 10 minutes to erase its memory. if you do this you'll have to reenter your pppoe info though so make sure you have it. good luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
MAC address rc.conf
Hi, My ISP have aauthorization by username, password AND mac address. I currently make PPPoE connection from my laptop(win XP) to them. However I want to put FreeBSD router in front of my laptop. That is why I will need to make MAC address of outgoing ethernet card same as my laptop. I plan to make bash script(ifconfig down, ifconfig up) for that purpose. However I prefer a little bit cleaner solution ... is there any way I can set MAC address for the network card in rc.conf ? Thanks :-))) Kind regards, Pete ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address rc.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter wrote: |Hi, |My ISP have aauthorization by username, password AND mac address. |I currently make PPPoE connection from my laptop(win XP) to them. |However I want to put FreeBSD router in front of my laptop. |That is why I will need to make MAC address of outgoing ethernet card |same as my laptop. |I plan to make bash script(ifconfig down, ifconfig up) for that |purpose. |However I prefer a little bit cleaner solution ... | is there any way I can set MAC address for the network card in |rc.conf ? |Thanks :-))) |Kind regards, |Pete | When the system boots, it will read rc.conf, and then it will pass the ifconfig_inf=... to ifconfig, so what I do is just to add ether aa:bb:cc:dd:ee:ff to that line: ifconfig_fxp0=inet 1.2.3.4 netmask 255.0.0.0 ether aa:bb:cc:dd:ee:ff - -- Bob Bomar [EMAIL PROTECTED] http://www.bomar.us/~bob -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCralK9Jm/aTrtdKoRAlFFAJ93Y0XL7OMbJcdhFvBxQP3XEtzP6QCeOHIQ 8m1uyAMjW8F1SW0E/HNYFBA= =d5HD -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: MAC address rc.conf
just curious... what happens when your 'router' and your 'laptop' both have the same MAC address? -- John Brooks [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Bob Bomar Sent: Monday, June 13, 2005 10:42 AM To: Peter; [EMAIL PROTECTED] Subject: Re: MAC address rc.conf -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter wrote: |Hi, |My ISP have aauthorization by username, password AND mac address. |I currently make PPPoE connection from my laptop(win XP) to them. |However I want to put FreeBSD router in front of my laptop. |That is why I will need to make MAC address of outgoing ethernet card |same as my laptop. |I plan to make bash script(ifconfig down, ifconfig up) for that |purpose. |However I prefer a little bit cleaner solution ... | is there any way I can set MAC address for the network card in |rc.conf ? |Thanks :-))) |Kind regards, |Pete | When the system boots, it will read rc.conf, and then it will pass the ifconfig_inf=... to ifconfig, so what I do is just to add ether aa:bb:cc:dd:ee:ff to that line: ifconfig_fxp0=inet 1.2.3.4 netmask 255.0.0.0 ether aa:bb:cc:dd:ee:ff - -- Bob Bomar [EMAIL PROTECTED] http://www.bomar.us/~bob -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCralK9Jm/aTrtdKoRAlFFAJ93Y0XL7OMbJcdhFvBxQP3XEtzP6QCeOHIQ 8m1uyAMjW8F1SW0E/HNYFBA= =d5HD -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address rc.conf
I am also curios and I will found out :) Peter John Brooks wrote: just curious... what happens when your 'router' and your 'laptop' both have the same MAC address? -- John Brooks [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [[3]mailto:[EMAIL PROTECTED] Behalf Of Bob Bomar Sent: Monday, June 13, 2005 10:42 AM To: Peter; [EMAIL PROTECTED] Subject: Re: MAC address rc.conf -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter wrote: |Hi, |My ISP have aauthorization by username, password AND mac address. |I currently make PPPoE connection from my laptop(win XP) to them. |However I want to put FreeBSD router in front of my laptop. |That is why I will need to make MAC address of outgoing ethernet card |same as my laptop. |I plan to make bash script(ifconfig down, ifconfig up) for that |purpose. |However I prefer a little bit cleaner solution ... | is there any way I can set MAC address for the network card in |rc.conf ? |Thanks :-))) |Kind regards, |Pete | When the system boots, it will read rc.conf, and then it will pass the ifconfig_inf=... to ifconfig, so what I do is just to add ether aa:bb:cc:dd:ee:ff to that line: ifconfig_fxp0=inet 1.2.3.4 netmask 255.0.0.0 ether aa:bb:cc:dd:ee:ff - -- Bob Bomar [EMAIL PROTECTED] [6]http://www.bomar.us/~bob -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - [7]http://enigmail.mozdev.org iD8DBQFCralK9Jm/aTrtdKoRAlFFAJ93Y0XL7OMbJcdhFvBxQP3XEtzP6QCeOHIQ 8m1uyAMjW8F1SW0E/HNYFBA= =d5HD -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list [9]http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [10][EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list [12]http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [13][EMAIL PROTECTED] References 1. mailto:[EMAIL PROTECTED] 2. mailto:[EMAIL PROTECTED] 3. mailto:[EMAIL PROTECTED] 4. mailto:[EMAIL PROTECTED] 5. mailto:[EMAIL PROTECTED] 6. http://www.bomar.us/~bob 7. http://enigmail.mozdev.org/ 8. mailto:freebsd-questions@freebsd.org 9. http://lists.freebsd.org/mailman/listinfo/freebsd-questions 10. mailto:[EMAIL PROTECTED] 11. mailto:freebsd-questions@freebsd.org 12. http://lists.freebsd.org/mailman/listinfo/freebsd-questions 13. mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address rc.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter wrote: |I am also curios and I will found out :) |Peter |John Brooks wrote: | | just curious... | | what happens when your 'router' and your 'laptop' both have the | same MAC address? | | -- | John Brooks | [EMAIL PROTECTED] | | | | -Original Message- | From: [EMAIL PROTECTED] | [[3]mailto:[EMAIL PROTECTED] Behalf Of Bob Bomar | Sent: Monday, June 13, 2005 10:42 AM | To: Peter; [EMAIL PROTECTED] | Subject: Re: MAC address rc.conf | | | Peter wrote: | |Hi, | |My ISP have aauthorization by username, password AND mac address. | |I currently make PPPoE connection from my laptop(win XP) to them. | |However I want to put FreeBSD router in front of my laptop. | |That is why I will need to make MAC address of outgoing ethernet card | |same as my laptop. | |I plan to make bash script(ifconfig down, ifconfig up) for that | |purpose. | |However I prefer a little bit cleaner solution ... | | is there any way I can set MAC address for the network card in | |rc.conf ? | |Thanks :-))) | |Kind regards, | |Pete | | | | When the system boots, it will read rc.conf, and then | it will pass the ifconfig_inf=... to ifconfig, so | what I do is just to add ether aa:bb:cc:dd:ee:ff to | that line: | | ifconfig_fxp0=inet 1.2.3.4 netmask 255.0.0.0 ether aa:bb:cc:dd:ee:ff | Just add a similar line to the laptop, and change it by one number i.e.: 00:11:22:33:44:55 Router 00:11:22:33:44:56 Laptop - -- Bob Bomar [EMAIL PROTECTED] http://www.bomar.us/~bob -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCrd9C9Jm/aTrtdKoRAt6FAJ934JhWAEI1WbvWy5st+wwXWAE7wACggIuh qMKwAgd+pwP6E1d6J/uaTEo= =fGL8 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
changing network card MAC address
Just set up a new box (5.4-RELEASE) as a home gateway and had to change the network card MAC address that does DHCP through the cable modem. I put the following in /etc/rc.early, but this seems inelegant and possibly deprecated. What is the proper way to do this on a DHCP interface? ifconfig rl1 ether 'aa:bb:cc:dd:ee:ff' Thanks -- M. L. Dodson[EMAIL PROTECTED] 409-772-2178FAX: 409-772-1790 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing network card MAC address
Check out /etc/dhclient.conf. The options are described in 'man 5 dhclient.conf' On Sun, 2005-06-12 at 17:26 -0500, M. L. Dodson wrote: Just set up a new box (5.4-RELEASE) as a home gateway and had to change the network card MAC address that does DHCP through the cable modem. I put the following in /etc/rc.early, but this seems inelegant and possibly deprecated. What is the proper way to do this on a DHCP interface? ifconfig rl1 ether 'aa:bb:cc:dd:ee:ff' Thanks -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: changing network card MAC address
On Jun 12, 2005, at 5:26 PM, M. L. Dodson wrote: Just set up a new box (5.4-RELEASE) as a home gateway and had to change the network card MAC address that does DHCP through the cable modem. I put the following in /etc/rc.early, but this seems inelegant and possibly deprecated. What is the proper way to do this on a DHCP interface? ifconfig rl1 ether 'aa:bb:cc:dd:ee:ff' Go look at ifscript_up() in /etc/network.subr. What you want to do is put the above line in /etc/start_if.rl1 (just rename it, I'm guessing) and it will magically be applied before DHCP gets to it. If it wasn't for DHCP you could put it on the appropriate ifconfig line in /etc/rc.conf. -- David Kelly N4HHE, [EMAIL PROTECTED] Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing network card MAC address
On Sunday 12 June 2005 17:32, Christopher Black wrote: Check out /etc/dhclient.conf. The options are described in 'man 5 dhclient.conf' On Sun, 2005-06-12 at 17:26 -0500, M. L. Dodson wrote: Just set up a new box (5.4-RELEASE) as a home gateway and had to change the network card MAC address that does DHCP through the cable modem. I put the following in /etc/rc.early, but this seems inelegant and possibly deprecated. What is the proper way to do this on a DHCP interface? ifconfig rl1 ether 'aa:bb:cc:dd:ee:ff' Thanks Renaming /etc/rc.early to /etc/dhclient-enter-hooks works (as I am sure renaming it to /etc/start_if.rl1 would have done). Thanks for the responses! -- M. L. Dodson[EMAIL PROTECTED] 409-772-2178FAX: 409-772-1790 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: blocking MAC address with ipfw ?
On Mon, 02 May 2005 20:26:03 -0700, John Pettitt [EMAIL PROTECTED] said: faisal gillani wrote: faisal gillani wrote: how can i block a MAC address with ipfw ? can you share the syntax please ? thanks man ipfw reveals ... { MAC | mac } dst-mac src-mac Match packets with a given dst-mac and src-mac addresses, speci- ... You also need to make sure that the sysctl variable net.link.ether.ipfw is set to 1 to enable layer 2 checks. Sandy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
blocking MAC address with ipfw ?
how can i block a MAC address with ipfw ? can you share the syntax please ? thanks *º¤., ¸¸,.¤º*¨¨¨*¤ Allah-hu-Akber*º¤., ¸¸,.¤º*¨¨*¤ God is the Greatest __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: blocking MAC address with ipfw ?
faisal gillani wrote: faisal gillani wrote: how can i block a MAC address with ipfw ? can you share the syntax please ? thanks man ipfw reveals ... { MAC | mac } dst-mac src-mac Match packets with a given dst-mac and src-mac addresses, speci- fied as the any keyword (matching any MAC address), or six groups of hex digits separated by colons, and optionally followed by a mask indicating the significant bits. The mask may be specified using either of the following methods: 1. A slash (/) followed by the number of significant bits. For example, an address with 33 significant bits could be specified as: MAC 10:20:30:40:50:60/33 any 2. An ampersand () followed by a bitmask specified as six groups of hex digits separated by colons. For example, an address in which the last 16 bits are significant could be specified as: MAC 10:20:30:40:50:6000:00:00:00:ff:ff any Note that the ampersand character has a special meaning in many shells and should generally be escaped. Note that the order of MAC addresses (destination first, source second) is the same as on the wire, but the opposite of the one used for IP addresses. So ipfw add 999 deny MAC any 10:20:30:40:50:60/33 would be a valid rule. *º¤., ¸¸,.¤º*¨¨¨*¤ Allah-hu-Akber*º¤., ¸¸,.¤º*¨¨*¤ God is the Greatest __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't change MAC address of my WAG311
dear list, I am operating a Netgear WAG311 (Atheros AR5212) under FBSD 5.3 Release. I tried to change the MAC address of the device using root# ifconfig ath0 ether aa:bb:cc:dd:ee:ff which changed the MAC address in the ifconfig ath0 output. But wicontrol -i ath0 still showed the old (original) MAC address and that MAC address also is being used on the network. Trying to change the MAC address using root# wicontrol -i ath0 -m aa:bb:cc:dd:ee:ff results in a wicontrol: SIOCSWAVELAN: Invalid Argument error message. Am I doing something wrong? TIA zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't change MAC address of my WAG311
Ben Pratt wrote: I would forward this to the list but I don't want to get the bounces for 3 days because I can't get reverse lookup going. I've attached a script that you should try. Ben FreeBSD Daemon wrote: dear list, I am operating a Netgear WAG311 (Atheros AR5212) under FBSD 5.3 Release. I tried to change the MAC address of the device using root# ifconfig ath0 ether aa:bb:cc:dd:ee:ff which changed the MAC address in the ifconfig ath0 output. But wicontrol -i ath0 still showed the old (original) MAC address and that MAC address also is being used on the network. Trying to change the MAC address using root# wicontrol -i ath0 -m aa:bb:cc:dd:ee:ff results in a wicontrol: SIOCSWAVELAN: Invalid Argument error message. Am I doing something wrong? TIA zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] #!/usr/local/bin/bash # Version 2.1 # By Ben # Thanks to Venom for suggesting Apple and joining FreeBSD and Linux echo What interface? [ath0] read interface if [ $interface = ] then interface=ath0 fi company=0 until [ $company -eq 1 -o $company -eq 2 -o $company -eq 3 -o $company -eq 4 -o $company -eq 5 -o $company -eq 6 ]; do echo Card Company to impersonate? echo 1) 3Com echo 2) Apple echo 3) D-Link echo 4) Intel echo 5) Linksys echo 6) Netgear read company done front= back= new= case $company in '1') # Random 3Com Card number=0 while [ $number -le 0 ] do number=$RANDOM let number %= 14 done echo Number: $number case $number in '1') front=00:01:02: ;; '2') front=00:01:03: ;; '3') front=00:10:4B: ;; '4') front=00:10:5A: ;; '5') front=00:20:AF: ;; '6') front=00:50:04: ;; '7') front=00:50:DA: ;; '8') front=00:60:08: ;; '9') front=00:60:8C: ;; '10') front=00:60:97: ;; '11') front=00:A0:24: ;; '12') front=02:60:8C: ;; '13') front=02:C0:8C: ;; * ) echo Error exit 0 ;; esac ;; '2') # Random Apple Card number=0 while [ $number -le 0 ] do number=$RANDOM let number %= 6 done echo Number: $number case $number in '1') front=00:05:02: ;; '2') front=00:30:65: ;; '3') front=00:50:E4: ;; '4') front=00:A0:40: ;; '5') front=08:00:07: ;; * ) echo Error exit 0 ;; esac ;; '3') # Random D-Link Card front=00:05:5D: ;; '4') # Random Intel Card number=0 while [ $number -le 0 ] do number=$RANDOM let number %= 9 done echo Number: $number case $number in '1') front=00:02:B3: ;; '2') front=00:03:47: ;; '3') front=00:04:23: ;; '4') front=00:07:E9: ;; '5') front=00:0C:F1: ;; '6') front=00:0E:0C: ;; '7') front=00:11:11: ;; '8') front=00:20:7B: ;; * ) echo Error exit 0 ;; esac ;; '5') # Random Linksys Card number=0 while [ $number -le 0 ] do number=$RANDOM let number %= 4 done echo Number: $number case $number in '1') front=00:04:5A: ;; '2') front=00:06:25: ;; '3') front=00:0C:41: ;; * ) echo Error exit 0 ;; esac ;; '6') # Random Netgear Card front=00:09:5B: ;; '7') # Random Card ;; esac count=0 colon=0 colons=1 while [ $count -lt 6 ] do Numbers=0 1 2 3 4 5 6 7 8 9 A B C D E F # Read into array variable. number=($Numbers) # Count how many elements. num_numbers=${#number[*]} new=${number[$((RANDOM%num_numbers))]} back=$back$new if [ $colon -gt 0 ] [ $colons -lt 3 ] then new=: back=$back$new let colon-=1 let colons+=1 else let colon+=1 fi let count+=1 done address=$front$back OS=0 until [ $OS -eq 1 -o $OS -eq 2 ]; do echo What OS?? echo 1) FreeBSD echo 2) Linux read OS done case $OS in '1') ifconfig $interface down ifconfig $interface link $address ifconfig $interface up ;; '2') ifconfig $interface down ifconfig $interface ether $address ifconfig $interface up ;; * ) exit 0 ;; esac echo Your new MAC is: $address exit 0 Well, thanks for the script, BUT as I wrote ifconfig is working. The misunderstanding was probably cause by me not explicitly pointing out that aa:bb:cc:dd:ee:ff stands for a real MAC (00:01:f4:xx:yy:zz) and is not to be taken literally. SORRY! Again, ifconfig is working and the MAC changes in the ifconfig output ... athough the card doesn't honour the change and keeps on using the old (original) MAC. wicontrol dosn't even hounour the change in its output and keeps displaying the Old (original) MAC. And trying to change the MAC using wicontrol results in the error wicontrol: SIOCSWAVELAN: Invalid Argument. zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Change MAC address of LAN card in rc.conf. How?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Rob Sent: Sunday, February 27, 2005 6:01 PM To: [EMAIL PROTECTED] Cc: FreeBSD questions Subject: Re: Change MAC address of LAN card in rc.conf. How? --- Michael Grant [EMAIL PROTECTED] wrote: Just curious, why would you ever need to change your mac address? In my university network, IP numbers must match a previously registered MAC address, otherwise the IP number is blocked. So our group has a list of IP numbers, that each only work with a specific MAC address. Yeah, the network admins do that to prevent people spoofing IP addresses to try attacking other computers. Of course, it's stupid since you can spoof the mac and attack away. When shifting around computers and IP addresses, it is easier to fake the MAC address to what I need, than to start a procedure with the computer center to change the MAC address of a certain IP number. One of these days you need to start spoofing the mac of the default gateway they are using, and I would suspect after a few weeks or months of that they will jettison the whole register MAC address procedure. Recording the MAC address only has validity when they are assigning a specific MAC to a specific hardware port on the switch by using intelligent switches that filter. But if they are using dumb hubs then they are just being idiots and making work for themselves. I manage to do this easily on my FreeBSD PCs. However, my colleagues are suprised and ask me how to do this on their MS-Windows systems. It's incredibly easy to do, just go into driver properties for just about every network driver ever written for Windows. Of course, this illustrates perfectly the absurdity of continually trying to make computers easier and easier and easier to use with a GUI - no matter how much simpler you make it, the people you are trying to serve will always outrace you in ignorance. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Change MAC address of LAN card in rc.conf. How?
Hi, I'm running 5.3 STABLE. I need to change the MAC address of my PC. I know it can be done like this: ifconfig rl0 ether 11:22:33:44:55:66 So I guessed I could make life a little easier by adding this in my /etc/rc.conf file as: ifconfig_rl0=inet 192.168.123.2 netmask 255.255.255.0 ether 11:22:33:44:55:66 However, this does not seem to work. No IP address is assigned to the LAN card after bootup. Apparently something is wrong here. Any idea how I can do this at bootup? Thanks, Rob. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Change MAC address of LAN card in rc.conf. How?
On Sun, 27 Feb 2005 05:54:49 -0800 (PST), Rob [EMAIL PROTECTED] wrote: Hi, I'm running 5.3 STABLE. I need to change the MAC address of my PC. I know it can be done like this: ifconfig rl0 ether 11:22:33:44:55:66 So I guessed I could make life a little easier by adding this in my /etc/rc.conf file as: ifconfig_rl0=inet 192.168.123.2 netmask 255.255.255.0 ether 11:22:33:44:55:66 However, this does not seem to work. No IP address is assigned to the LAN card after bootup. Apparently something is wrong here. Any idea how I can do this at bootup? echo 'ifconfig rl0 ether 11:22:33:44:55:66' /etc/start_if.rl0 =Adriaan= ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Change MAC address of LAN card in rc.conf. How?
Rob wrote: I'm running 5.3 STABLE. I need to change the MAC address of my PC. I know it can be done like this: ifconfig rl0 ether 11:22:33:44:55:66 So I guessed I could make life a little easier by adding this in my /etc/rc.conf file as: ifconfig_rl0=inet 192.168.123.2 netmask 255.255.255.0 ether 11:22:33:44:55:66 However, this does not seem to work. No IP address is assigned to the LAN card after bootup. Apparently something is wrong here. Any idea how I can do this at bootup? ifconfig_rl0_alias0=ether 11:22:33:44:55:66 -- [WBR], Arcade. [SAT Astronomy/Think to survive!] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Change MAC address of LAN card in rc.conf. How?
Volodymyr Kostyrko wrote: Rob wrote: I'm running 5.3 STABLE. I need to change the MAC address of my PC. I know it can be done like this: ifconfig rl0 ether 11:22:33:44:55:66 So I guessed I could make life a little easier by adding this in my /etc/rc.conf file as: ifconfig_rl0=inet 192.168.123.2 netmask 255.255.255.0 ether 11:22:33:44:55:66 However, this does not seem to work. No IP address is assigned to the LAN card after bootup. Apparently something is wrong here. Any idea how I can do this at bootup? ifconfig_rl0_alias0=ether 11:22:33:44:55:66 That works indeed. Thanks so much! Rob. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Change MAC address of LAN card in rc.conf. How?
--- Michael Grant [EMAIL PROTECTED] wrote: Just curious, why would you ever need to change your mac address? In my university network, IP numbers must match a previously registered MAC address, otherwise the IP number is blocked. So our group has a list of IP numbers, that each only work with a specific MAC address. When shifting around computers and IP addresses, it is easier to fake the MAC address to what I need, than to start a procedure with the computer center to change the MAC address of a certain IP number. I manage to do this easily on my FreeBSD PCs. However, my colleagues are suprised and ask me how to do this on their MS-Windows systems. Rob. __ Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. http://baseball.fantasysports.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
MAC Address
I have a firewall running on a FreeBSD 4.10-STABLE with ipfw. My firewall is working very well, but i started to log the rules and somethig strange appears in the log Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via fxp1 Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via fxp1 Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via rl1 Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via rl1 Jan 28 10:44:16 host /kernel: ipfw: 880 Accept MAC in via fxp1 what is it ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC Address
AW I have a firewall running on a FreeBSD 4.10-STABLE with ipfw. AW My firewall is working very well, but i started to log the rules and AW somethig strange appears in the log AW Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via fxp1 AW Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via fxp1 AW Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via rl1 AW Jan 28 10:44:15 host /kernel: ipfw: 880 Accept MAC in via rl1 AW Jan 28 10:44:16 host /kernel: ipfw: 880 Accept MAC in via fxp1 AW what is it AW ___ AW freebsd-questions@freebsd.org mailing list AW http://lists.freebsd.org/mailman/listinfo/freebsd-questions AW To unsubscribe, send any mail to [EMAIL PROTECTED] - Rule 880 is logging and says that it accepted a MAC in via an interface. Maybe it would help if you told us what rulle 880 actually is... btw: you're right it is working very well if its purpose is to let MAC in ;) Regards Hexren ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How to get MAC address using C program
Hi, Can anybody help me out to retrieve MAC address of my machine... using a C program I gave it a try using ioctl but not getting the correct result.. Following is my code.. int main() { .. struct ifr_req ifr ; strcpy(ifr.ifr_name, rl0); if( ioctl(s, SIOCGIFADDR, ifr) 0 ) { cout Error endl ; return 0 ; } printf(ADDR(%s) = ) ; for(int i = 0; i 6; i++) { printf(%x :, ifr.ifr_addr.sa_data[i] ) ; } its not printing the correct result Thanks in advance Dennis __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mac Address Spoofing(!)
On , 2004-11-07 at 06:58, eddie dandrades wrote: Hello guys, I've set out to spoof my gateway's mac address so that I can get a new ip address from my cable ISP without having to unplug my modem for 24 hours as they suggested (and is understandable, thats how long their DHCP lease last). I've tried several things, one of which is following the instructions here http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: ifconfig xl0 hw ether 00:00:00:00:00 to no avail. I'm just wondering if anyone on this list knows of a way to do it successfully or can provide me with a link to some useful documentation. Thanks guys! gabriel Just a thought but many around me have broadband modems from their ISP's and they faced the same problem you describe and their ISP told them to disconnect for 2 to 3 hrs but that is hardly workable. The solution was to reboot the modem. The modem cached the MAC address on the client side not the ISP's DHCP server. Would that work better in your situation rather than trying to spoof MAC addresses ? HTH LukeK ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mac Address Spoofing(!)
I tried the resetting for 24 hours (unplugging it from power), tried to have my isp give me different modem configuration files, no go, my modem just liked my mac, after following the instructions given I was able to acquire a new ip address, so far, no harm done. Cheers! On Sun, 07 Nov 2004 21:14:23 +0900, Luke Kearney [EMAIL PROTECTED] wrote: On , 2004-11-07 at 06:58, eddie dandrades wrote: Hello guys, I've set out to spoof my gateway's mac address so that I can get a new ip address from my cable ISP without having to unplug my modem for 24 hours as they suggested (and is understandable, thats how long their DHCP lease last). I've tried several things, one of which is following the instructions here http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: ifconfig xl0 hw ether 00:00:00:00:00 to no avail. I'm just wondering if anyone on this list knows of a way to do it successfully or can provide me with a link to some useful documentation. Thanks guys! gabriel Just a thought but many around me have broadband modems from their ISP's and they faced the same problem you describe and their ISP told them to disconnect for 2 to 3 hrs but that is hardly workable. The solution was to reboot the modem. The modem cached the MAC address on the client side not the ISP's DHCP server. Would that work better in your situation rather than trying to spoof MAC addresses ? HTH LukeK -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Mac Address Spoofing(!)
Hello (BThere should be a file containing info about your network card. So if you vi (Bthe file and change the Mac to the one you need, and reboot, then you should (Bget the new ip. My isp is like yours, dhcp but based on mac address. I can't (Bremember the location of file containing the network card configuration (B (B-Original Message- (BFrom: [EMAIL PROTECTED] (B[mailto:[EMAIL PROTECTED] On Behalf Of gabriel (BSent: November 7, 2004 10:27 AM (BTo: [EMAIL PROTECTED] (BCc: [EMAIL PROTECTED] (BSubject: Re: Mac Address Spoofing(!) (B (BI tried the resetting for 24 hours (unplugging it from power), tried (Bto have my isp give me different modem configuration files, no go, my (Bmodem just liked my mac, after following the instructions given I was (Bable to acquire a new ip address, so far, no harm done. (B (BCheers! (B (BOn Sun, 07 Nov 2004 21:14:23 +0900, Luke Kearney [EMAIL PROTECTED] wrote: (B On $BF|(B, 2004-11-07 at 06:58, eddie dandrades wrote: (B (B (B Hello guys, (B (B I've set out to spoof my gateway's mac address so that I can get a (B new ip address from my cable ISP without having to unplug my modem for (B 24 hours as they suggested (and is understandable, thats how long (B their DHCP lease last). I've tried several things, one of which is (B following the instructions here (B http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: (B ifconfig xl0 hw ether 00:00:00:00:00 to no avail. (B (B I'm just wondering if anyone on this list knows of a way to do it (B successfully or can provide me with a link to some useful (B documentation. (B (B (B Thanks guys! (B (B (B gabriel (B (B Just a thought but many around me have broadband modems from their ISP's (B and they faced the same problem you describe and their ISP told them to (B disconnect for 2 to 3 hrs but that is hardly workable. The solution was (B to reboot the modem. The modem cached the MAC address on the client side (B not the ISP's DHCP server. Would that work better in your situation (B rather than trying to spoof MAC addresses ? (B (B HTH (B (B LukeK (B (B (B (B (B-- (Bgabriel, (B (BMember of: (BFreeBSD-Announce (BFreeBSD-Hardware (BFreeBSD-Multimedia (BFreeBSD-questions (B___ ([EMAIL PROTECTED] mailing list (Bhttp://lists.freebsd.org/mailman/listinfo/freebsd-questions (BTo unsubscribe, send any mail to "[EMAIL PROTECTED]" (B (B (B (B___ ([EMAIL PROTECTED] mailing list (Bhttp://lists.freebsd.org/mailman/listinfo/freebsd-questions (BTo unsubscribe, send any mail to "[EMAIL PROTECTED]"
Mac Address Spoofing(!)
Hello guys, I've set out to spoof my gateway's mac address so that I can get a new ip address from my cable ISP without having to unplug my modem for 24 hours as they suggested (and is understandable, thats how long their DHCP lease last). I've tried several things, one of which is following the instructions here http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: ifconfig xl0 hw ether 00:00:00:00:00 to no avail. I'm just wondering if anyone on this list knows of a way to do it successfully or can provide me with a link to some useful documentation. Thanks guys! gabriel Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mac Address Spoofing(!)
In a message dated 11/6/04 4:59:05 PM Eastern Standard Time, [EMAIL PROTECTED] writes: Hello guys, I've set out to spoof my gateway's mac address so that I can get a new ip address from my cable ISP without having to unplug my modem for 24 hours as they suggested (and is understandable, thats how long their DHCP lease last). I've tried several things, one of which is following the instructions here http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: ifconfig xl0 hw ether 00:00:00:00:00 to no avail. I'm just wondering if anyone on this list knows of a way to do it successfully or can provide me with a link to some useful documentation. It is YOUR gateway? Just use a different port, or swap out the ethernet card. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mac Address Spoofing(!)
Thank you, I'll try that. Sometimes I'm very hesitant to believe things are so easy, but I'm sure this is gonna work now. Thank you! On Sat, 06 Nov 2004 16:13:00 -0600, Ben [EMAIL PROTECTED] wrote: BSD 1) Bring down the interface: ifconfig xl0 down 2) Enter new MAC address: ifconfig xl0 link 00:00:00:AA:AA:AA 3) Bring up the interface: ifconfig xl0 up That's all there is to it. Good luck, Ben eddie dandrades wrote: Hello guys, I've set out to spoof my gateway's mac address so that I can get a new ip address from my cable ISP without having to unplug my modem for 24 hours as they suggested (and is understandable, thats how long their DHCP lease last). I've tried several things, one of which is following the instructions here http://ezine.daemonnews.org/200406/netgraph.html - I also tried doing: ifconfig xl0 hw ether 00:00:00:00:00 to no avail. I'm just wondering if anyone on this list knows of a way to do it successfully or can provide me with a link to some useful documentation. Thanks guys! gabriel Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
block certian MAC address ?
How can i activate the default firewall that comes with FreeBSD .. is there any ? also i wana know how to block certian MAC address with it .. thanks = *º¤., ¸¸,.¤º*¨¨¨*¤ Allah-hu-Akber*º¤., ¸¸,.¤º*¨¨*¤ __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: block certian MAC address ?
On Sun, 17 Oct 2004 18:11:15 -0700 (PDT), faisal gillani [EMAIL PROTECTED] wrote: How can i activate the default firewall that comes with FreeBSD .. is there any ? also i wana know how to block certian MAC address with it .. thanks You may want to start by reading FreeBSD's wonderful handbook. Especially http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html that page. This book addresses ipfw, one of the built-in firewalls in freebsd. There is also pf included in FreeBSD 5.3. But regardless, ipfw is a very easy-to-setup firewall for most applications. -- If I write a signature, my emails will appear more personalised. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW2 Mac Address Filtering
I've searched high and low, and have read many times that doing mac address filtering with ipfw is possible. I'm running 4.9, have recompiled the kernel with 'options ipfw2', and have recompiled libalias ipfw with ipfw2 support. I've read through the man pages, and I can't make this particular rule work. I need to block all IP packets EXCEPT for packets coming from specific MAC addresses. Can anyone give me an example of specifically how I should form this rule? Elijah Chancey NetlinkIP Sysadmin ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW2 Mac Address Filtering
On Tuesday 25 May 2004 17:57, Elijah A.Chancey wrote: I've searched high and low, and have read many times that doing mac address filtering with ipfw is possible. I'm running 4.9, have recompiled the kernel with 'options ipfw2', and have recompiled libalias ipfw with ipfw2 support. I've read through the man pages, and I can't make this particular rule work. I need to block all IP packets EXCEPT for packets coming from specific MAC addresses. Can anyone give me an example of specifically how I should form this rule? Elijah Chancey NetlinkIP Sysadmin Don't forget to set sysctl net.link.ether.ipfw=1. [...] # eth0: MAC of firewall NIC # eth1: MAC of NIC to allow # eth_broadcast: broadcast address eth0=00:04:00:00:00:01 eth1=00:04:00:00:00:02 eth_broadcast=ff:ff:ff:ff:ff:ff ${fwcmd} add pass MAC ${eth0} ${eth1} ${fwcmd} add pass MAC ${eth1} ${eth0} ${fwcmd} add pass MAC ${eth_broadcast} ${eth0} ${fwcmd} add pass MAC ${eth_broadcast} ${eth1} [...] regards ch -- Christian Hiris [EMAIL PROTECTED] | OpenPGP KeyID 0x941B6B0B OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu pgpxi3Pdngqfq.pgp Description: signature
Re: Diskless PXE clients: switching FreeBSD kernels based on MAC address
I'm following up on my original question and cross-posting it to the Soekris list in case this is useful for anyone else. If there's an easier way to do this, I'd like to know! Here's a bootloader script I wrote that works for me (FreeBSD 4.9_RELEASE). == kern_switch.4th = \ \ kern_switch.4th \ -- MAC-based kernel switching for PXE clients \ \ Allows PXE booting of different kernels for different MAC addresses \ using a shared NFS root partition. \ Will use the default kernel if not booting from PXE or no HW MAC \ addresses are matched. \ \ USAGE: \ 1. Place this in /boot on the NFS server. \ 2. Include this from /boot/loader.conf using the following line: \ exec=include /boot/kern_switch.4th \ 3. Edit the MAC address and kernel definitions below. \ 4. Make sure you have an alternate boot device handy when installing \ so you can undo things if you make a mistake! \ \ v 1.0; Mar_21_2004; Chris Roehrig [EMAIL PROTECTED] : switch_kernel ( kern_addr kern_n -- ) 2dup . kern_switch DBG: switching kernel to type cr s kernel setenv ; \ Check environment for loaddev... s loaddev getenv dup -1 = [if] drop\ the -1 retval .( kern_switch: no loaddev present in environment!) cr [else] 2dup .( kern_switch: loaddev = ) type cr s pxe0: compare 0= [if] \ PXE Boot; get the hardware MAC address... s boot.netif.hwaddr getenv dup -1 = [if] drop\ the -1 retval .( kern_switch: no boot.netif.hwaddr present in environment!) cr [else] 2dup .( kern_switch: boot.netif.hwaddr = ) type cr \ switch on HW address... \ === \ ENTER YOUR MAC ADDRESSES AND KERNEL NAMES HERE \ Pad all MAC bytes to 2-digit, lower-case. \ Be careful to preserve the space after s ! 2dup s 00:00:24:c1:2a:64 compare 0= [if] s /kernel.NET4501 switch_kernel [then] 2dup s 00:00:24:c1:35:50 compare 0= [if] s /kernel.NET4801 switch_kernel [then] \ === 2drop \ environment HW string [then] [then] [then] \ Display the kernel to be used... s kernel getenv dup -1 [if] .( kern_switch: using kernel = ) type cr [else] drop .( kern_switch: no kernel present in environment!) cr [then] On Mar 20, 2004, at 10:58, Chris Roehrig wrote: I'm running FreeBSD 4.9_RELEASE and I'd like to share my server's root partition as the root partition for some diskless PXE clients, but I need different kernels for the server and clients.The /conf structure works great for providing different /etc environments for each machine, but I can't figure out how to boot a different kernel for my PXE clients. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [Soekris-tech] Re: Diskless PXE clients: switching FreeBSDkernels based on MAC address
This might be possible with DHCP, I've done something similar... subnet 192.168.250.0 netmask 255.255.255.0 { range 192.168.250.2 192.168.250.253; option routers 192.168.250.254; option subnet-mask 255.255.255.0; # NFS server path option root-path 192.168.250.1:/usr/mboot; } class soekris { match if substring (option vendor-class-identifier, 0, 20) = PXEClient:Arch:0; # TFTP server filename next-server 192.168.250.1; filename pxeboot; } Chris Roehrig wrote: I'm following up on my original question and cross-posting it to the Soekris list in case this is useful for anyone else. If there's an easier way to do this, I'd like to know! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mac address
On Tuesday 13 January 2004 14:31, Daan Vreeken [PA4DAN] wrote: On Tuesday 13 January 2004 13:54, Malik Blent wrote: hello i use freebsd5.1 and i want to reject some computers whose according to Mac Addresses and i recompiled kernel with options IPFIREWALL then i made ipfw.sh with touch and wrote in ; ipfw add deny MAC 00:60:67:28:0c:1e any ipfw add deny MAC any 00:60:67:28:0c:1e but I couldn't reject above machine What shall i do ? You have to it first with a sysctl : Oops, typo, should have been : You have to enable it first with a sysctl # sysctl -w net.link.ether.ipfw=1 grtz, Daan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mac address
hello i use freebsd5.1 and i want to reject some computers whose according to Mac Addresses and i recompiled kernel with options IPFIREWALL then i made ipfw.sh with touch and wrote in ; ipfw add deny MAC 00:60:67:28:0c:1e any ipfw add deny MAC any 00:60:67:28:0c:1e but I couldn't reject above machine What shall i do ? Thanks ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mac address
On Tuesday 13 January 2004 13:54, Malik Blent wrote: hello i use freebsd5.1 and i want to reject some computers whose according to Mac Addresses and i recompiled kernel with options IPFIREWALL then i made ipfw.sh with touch and wrote in ; ipfw add deny MAC 00:60:67:28:0c:1e any ipfw add deny MAC any 00:60:67:28:0c:1e but I couldn't reject above machine What shall i do ? You have to it first with a sysctl : # sysctl -w net.link.ether.ipfw=1 grtz, Daan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Filter by MAC Address
Hello, I get router on FreeBSD. I want to filter packet by MAC Address fitering. Pls let me know how can i this using ipfw. Or how can install iptables on freeBSD (with iptables, this is possible). REgards! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
MAC address change?
Hi all, My colo location has recently done some software upgrades on thier routers and switches. Would this cause the following messages in my /var/log/messages file? Aug 27 05:48:17 enterprise /kernel: arp: 65.39.193.154 moved from 00:0a:41:07:94:80 to 00:06:5b:ee:40:32 on fxp0 TIA, -Grant Grant W. Peel Server Admin [EMAIL PROTECTED] http://thenetnow.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address change?
Yes. Especially if they swapped out IP's on a router or replaced a nic. -- Micheal Patterson Network Administration Cancer Care Network 405-733-2230 - Original Message - From: Grant Peel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 28, 2003 6:30 PM Subject: MAC address change? Hi all, My colo location has recently done some software upgrades on thier routers and switches. Would this cause the following messages in my /var/log/messages file? Aug 27 05:48:17 enterprise /kernel: arp: 65.39.193.154 moved from 00:0a:41:07:94:80 to 00:06:5b:ee:40:32 on fxp0 TIA, -Grant Grant W. Peel Server Admin [EMAIL PROTECTED] http://thenetnow.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MAC address change?
On Thu, 28 Aug 2003, Grant Peel wrote: Hi all, My colo location has recently done some software upgrades on thier routers and switches. Would this cause the following messages in my /var/log/messages file? Aug 27 05:48:17 enterprise /kernel: arp: 65.39.193.154 moved from 00:0a:41:07:94:80 to 00:06:5b:ee:40:32 on fxp0 Yes, it could, if that IP address is your next upstream hop. That's moving from a Cisco device to a Dell, BTW, not sure it's really an upgrade... KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dc NIC: mac address gets reset (5.0-REL)
I just installed FreeBSD 5.0-RELEASE on a machine that was running 4.7-RELEASE-p3 before. I've got a problem with my network card: After rebooting the system, it's MAC address is reset to C0:00:C0:00:C0:00. The card works fine otherwise (apart from some dc: failed to force tx and rx to idle state messages that are, as far as the mailing lists tell me, uncritical). This of course makes the DHCP server give me another than my standard IP. Also, if I install FreeBSD 5.0 on another machine in my LAN, and it shows the same behaviour, i'll run into problems. I can manually change the MAC address back to its old value, then restart dhclient, and it works. However, I don't want to have to do that after every reboot... Here's the relevant lines from dmesg: - PASTE START - dc0: Davicom DM9102A 10/100BaseTX port 0xd000-0xd0ff mem 0xef00-0xefff irq 11 at device 11.0 on pci0 dc0: Ethernet address: c0:00:c0:00:c0:00 miibus0: MII bus on dc0 dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state - PASTE END - Any ideas? Greetings Benjamin To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: dc NIC: mac address gets reset (5.0-REL)
On Mon, 20 Jan 2003 16:38:25 -0600 Dan Nelson [EMAIL PROTECTED] wrote: I think this is a known problem. You can probably work around it by creating a file /etc/start_if.dc0 with the single line: ifconfig dc0 ether 01:23:45:67:89:AB That should force the mac address before dhcp starts up. Thank you, works just fine. And it's much less ugly than having a script in /usr/local/etc/rc.d :) Greetings Benjamin To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: dc NIC: mac address gets reset (5.0-REL)
In the last episode (Jan 20), Benjamin Lutz said: I just installed FreeBSD 5.0-RELEASE on a machine that was running 4.7-RELEASE-p3 before. I've got a problem with my network card: After rebooting the system, it's MAC address is reset to C0:00:C0:00:C0:00. The card works fine otherwise (apart from some dc: failed to force tx and rx to idle state messages that are, as far as the mailing lists tell me, uncritical). This of course makes the DHCP server give me another than my standard IP. Also, if I install FreeBSD 5.0 on another machine in my LAN, and it shows the same behaviour, i'll run into problems. I can manually change the MAC address back to its old value, then restart dhclient, and it works. However, I don't want to have to do that after every reboot... I think this is a known problem. You can probably work around it by creating a file /etc/start_if.dc0 with the single line: ifconfig dc0 ether 01:23:45:67:89:AB That should force the mac address before dhcp starts up. -- Dan Nelson [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Can't find ethernet (MAC) address
Hi, My NIC (Linksys LNE100 TX) has worked fine within a Cable modem LAN (with a Linksys router), but since I've moved in to my college dorm, I can't find the MAC address. With ifconfig, I get something like (I can't reproduce it; typing this from a public computer): % ifconfig . . . ether: ff:ff:ff:ff:ff:ff . . . Apparently, the school requires students to register their ethernet (MAC) addresses before their DHCP server leases an IP address. Is there any way for me to get the ethernet address through FreeBSD? BTW: the machine is FreeBSD-4.7 RELEASE Also, could the MAC address by on the card somewhere (if anybody has a similar card)? All I see is some string of numbers like a scan code. Thanks, James __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Can't find ethernet (MAC) address
On Tue, 2003-01-14 at 07:04, James C. Li wrote: Hi, My NIC (Linksys LNE100 TX) has worked fine within a Cable modem LAN (with a Linksys router), but since I've moved in to my college dorm, I can't find the MAC address. With ifconfig, I get something like (I can't reproduce it; typing this from a public computer): You should be able to get it from the dmesg:- dmesg | grep xl xl0: 3Com 3c905B-TX Fast Etherlink XL port 0xec00-0xec7f mem 0xdf80-0xdfff irq 10 at device 13.0 on pci0 xl0: Ethernet address: 00:10:xx:xx:xx:xx The xxs were added for security. - James -- James Pole ICQ: 21721828 AIM: kiwijames1986 MSN: [EMAIL PROTECTED] SMS: +64-210-455-139 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: MAC address trouble
I did an upgrade of my LAN this morning from 10Mbits to 100Mbits (full duplex). To do so i bought to Sitecom Fast Ethernet LAN cards (sitecom chipset). After installation i found out that freebsd gave both the cards the same MAC address (here is my arp output) 192.168.0.2 08-00-08-00-08-00 dynamic 192.168.0.3 08-00-08-00-08-00 dynamic i also found out that these are not the MAC adresses they are supposed to have (the DOS tool shows other MAC addresses). The driver both cards use is dc Can anyone tell me what is going on and if i can change the MAC of one of the cards during boot. I know i can change them using ifconfig dc0 lladdr newmac but i need to do this at boot cause having the same MAC address i lose contact to both servers. I've resolved the issue currently using /etc/rc.local i also found that this error is already discussed about on freebsd-stable an explanation of the error can be found here. http://groups.google.com/groups?hl=nllr=ie=UTF-8oe=UTF-8threadm=amjkrm%241ke4%241%40FreeBSD.csie.NCTU.edu.twrnum=4prev=/groups%3Fq%3DADM983%2B%252B%2Bfreebsd%26hl%3Dnl%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Damjkrm%25241ke4%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D4%26filter%3D0 Marcel To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: MAC address trouble
ifconfig dc0 lladdr newmac but i need to do this at boot cause having the same MAC address i lose contact to both servers. friend of mine helped me out here, he found an eeprom tool to change the MAC one can download it here http://www.admtek.com.tw/download/AN983B.htm Marcel To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
MAC address trouble
Hi all, I did an upgrade of my LAN this morning from 10Mbits to 100Mbits (full duplex). To do so i bought to Sitecom Fast Ethernet LAN cards (sitecom chipset). After installation i found out that freebsd gave both the cards the same MAC address (here is my arp output) 192.168.0.2 08-00-08-00-08-00 dynamic 192.168.0.3 08-00-08-00-08-00 dynamic i also found out that these are not the MAC adresses they are supposed to have (the DOS tool shows other MAC addresses). The driver both cards use is dc Can anyone tell me what is going on and if i can change the MAC of one of the cards during boot. I know i can change them using ifconfig dc0 lladdr newmac but i need to do this at boot cause having the same MAC address i lose contact to both servers. Marcel -- It's no surprise that things are so screwed up: everyone that knows how to run a government is either driving taxicabs or cutting hair. -- George Burns To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: how to restrict as mac address
On FreeBSD4.x How can I restrict any pc(win9x,2000,etc) as mac address of it's ethernet ? that is can I use ipfw for that ? I did not find any document about that. Have you even searched? http://www.freebsd.org/cgi/man.cgi?query=ipfwapropos=0; \ sektion=0manpath=FreeBSD+4.7-stableformat=html oc To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Is there a way to get a MAC address from an IP address
On Thu, 2 Jan 2003, Dan Malaby wrote: Is there a way if given an IP address to get the MAC address. The problem I am having is that there are two nic's that are using the same IP address on my network, but the error message my FBSD box gives me is only the MAC address for the offending card. I belive that the offending card does have another ligit IP address. I do have a map of all IP that respond on my network, but do not have a way of knowing which IP goes with which MAC address. arp -an | grep MAC replace MAC with the MAC addr you have. Fer Any help would be appreciated. Daniel Malaby voice:(510) 531-6500 Peritek Corp. fax: (510) 530-8563 5550 Redwood Road email: [EMAIL PROTECTED] Oakland, CA 94619 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Is there a way to get a MAC address from an IP address
Is there a way if given an IP address to get the MAC address. The problem I am having is that there are two nic's that are using the same IP address on my network, but the error message my FBSD box gives me is only the MAC address for the offending card. I belive that the offending card does have another ligit IP address. I do have a map of all IP that respond on my network, but do not have a way of knowing which IP goes with which MAC address. Any help would be appreciated. Daniel Malaby voice:(510) 531-6500 Peritek Corp. fax: (510) 530-8563 5550 Redwood Road email: [EMAIL PROTECTED] Oakland, CA 94619 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message