Subject: Re: a remote user can check promiscuous mode
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Andrew Brown <>
List: tech-net
Date: 12/11/1999 04:05:40
>Yes...but promiscuous mode amounts to just that, to disabling the
>harware filtering, so that all packets get kicked upstairs to the
>kernel.  This is exactly what BPF wants, but we can't both disable the
>filter for BPF and enable the filter for normal packet reception.  (It
>would be Really Nice to see network hardware that, when in promiscuous
>mode, tagged each packet with a bit indicating whether the packet would
>have been received were it not for promiscuous mode.  I know of no such
>hardware, unfortunately.) freebsd laptop displayed a "similar" problem.  if i left
forwarding turned on, but went somewhere where i didn't need it, it
forwarded anyway.  i later decided that the card (a 3c589d) was
"stuck" in promiscuous mode.

wouldn't it be relatively simple (although a probably little
top-heavy) to add a few lines of code to ether_input() to check the
dst hardware address vs the interface address on which the packet
arrived if the dst hardware address is *not* multi/broadcast?  or does
ether_input() not have that information avaliable to it?

or would that simply be "glossing over" the "broken" drivers?

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."