Solved ipfw0: That device doesn't support promiscuous mode

xoptov

xoptov

Hello!
I have very strange issue with ipfw0. My kernel has options IPFIREWALL and IPFIREWALL_VERBOSE but when I try listen ipfw0 interface see warning in my console:

Code: 
tcpdump: WARNING: ipfw0: That device doesn't support promiscuous mode
(BIOCPROMISC: Invalid argument)

What is I can fix for ability to listen ipfw0 via tcpdump(1)?
 
What version of FreeBSD? Works for me on 9.2:
Code: 
$ sudo sysctl net.inet.ip.fw.verbose=0
Password:
net.inet.ip.fw.verbose: 1 -> 0

$ sudo tcpdump -n -i ipfw0
tcpdump: WARNING: ipfw0: That device doesn't support promiscuous mode
(BIOCPROMISC: Invalid argument)
tcpdump: WARNING: ipfw0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ipfw0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:04:36.266714 IP 10.30.237.21.58727 > 66.235.122.103.443: Flags [R], seq 3729067578, win 0, length 0
15:04:36.266742 IP 10.30.237.21.58727 > 66.235.122.103.443: Flags [R], seq 3729067578, win 0, length 0
15:04:37.159739 IP 10.30.244.184.55157 > 209.121.139.138.80: Flags [F.], seq 3759584431, ack 2188719918, win 8192, options [nop,nop,TS val 411635932 ecr 1620793265], length 0
^C
17 packets captured
18 packets received by filter
0 packets dropped by kernel

$ sudo sysctl net.inet.ip.fw.verbose=1
net.inet.ip.fw.verbose: 0 -> 1

$ sudo tcpdump -n -i ipfw0           
tcpdump: WARNING: ipfw0: That device doesn't support promiscuous mode
(BIOCPROMISC: Invalid argument)
tcpdump: WARNING: ipfw0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ipfw0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel

Note: if net.inet.ip.fw.verbose is enabled, then all the logged packet information goes to syslogd(8) (where it is written to /var/log/security by default) and nothing will appear in the tcpdump output of ipfw0. When that sysctl is disabled, then all the logged packet information is directed to the ipfw0 interface (and nothing is logged to disk).
 
I just decided what ipfw0 must support promiscuous mode but I mistaking think so :)
 
You must log in or register to reply here.
Back
Top