Q: After using FreeBSD as my desktop for 1.5 years, one might think that Ive
used OpenBSD as a firewall now: P. Anyways, I finally confirmed that such box
and constructed NAT works by double clicking NATing my network. I am willing to
replace POS SOHO Router we have with this machine. Unfortunately it looks like
our ISP binds the MAC address, and my DHCP client requestes answered with
RFC 1918 addresses. I would prefer to spoof the MAC, so I can always fall back on
the another router just in case. Plus I do not want to talk to my ISP tortue tech
support on a long weekend:)
Thanks in advance!
What Would Walt Do?
Re:Originally posted by: guy
Interesting newsgroup discussion (http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=fa.ks5qsp7.1imut2t%40ifi.uio.no&rnum=2&prev=/groups%3Fq%3DOpenBSD%2Bsea.c%26hl%3Den%26lr%3D%26i e%3DUTF-8%26sa%3DN%26scoring%3Dd)
Figured n0c might be interested in reading that! I'm going to try sea.c first since it
seems like the simplest solution. Is the code in the CVS servers or is the news group
post from 1998 the most recent code?
Thanks for the link. That patch seems to cover a bunch of the cards, and most of the cards I use (although I don't need MAC spoofing. 
I'm wondering how the patch and sea work on non-x86 archs…
Have Your Own Horse Show
Re:Originally posted by: guy
sea works! Only one minor problem now… I can't reboot the machine without
some manual tweaking after the boot. To perform this function I need to be running
securelevel=0 (default is 1). I got around this by putting the following line in my rc.securelevel
script :
/root/src/sea -v ep0 hexcode > /root/sea.log
When I reboot I have the new mac… but many deamons don't startup because the dhclient
runs before the rc.securelevel script. I also have to start the dhcpd daemon manually, then
run pfctl -f /etc/pf.conf to get that going again. When I become a little more adept at OpenBSD I might try using that patch that I posted previously.
Anyways, thanks for the tips! I am not typing this while behind an OpenBSD nat box! Now
I just need to get a Cisco switch that supports VLANs so I can play around with different
access lists for my suite and the suite upstairs. Right now my ruleset is :
pass in all
pass out all
, I have no idea what the people upstairs are running, so I don't want to start breaking
their programs. Hence the need for VLANS. Hmm… or I could put in a 3rd nic… blah school
started way too early 
I run 3 nics. 1 external, 1 to a "DMZ" area (which needs to be locked down a bit ), and 1 to my wireless laptop. Easy solution. But vlans aren't a bad thing to practice with.
Have Enough Money in Retirement and Make it Last
Re:sea works! Only one minor problem now… I can't reboot the machine without
some manual tweaking after the boot. To perform this function I need to be running
securelevel=0 (default is 1). I got around this by putting the following line in my rc.securelevel
script :
/root/src/sea -v ep0 hexcode > /root/sea.log
When I reboot I have the new mac… but many deamons don't startup because the dhclient
runs before the rc.securelevel script. I also have to start the dhcpd daemon manually, then
run pfctl -f /etc/pf.conf to get that going again. When I become a little more adept at OpenBSD I might try using that patch that I posted previously.
Anyways, thanks for the tips! I am not typing this while behind an OpenBSD nat box! Now
I just need to get a Cisco switch that supports VLANs so I can play around with different
access lists for my suite and the suite upstairs. Right now my ruleset is :
pass in all
pass out all
, I have no idea what the people upstairs are running, so I don't want to start breaking
their programs. Hence the need for VLANS. Hmm… or I could put in a 3rd nic… blah school
started way too early
Men and Women Have Secrets
Re:Interesting newsgroup discussion (http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=fa.ks5qsp7.1imut2t%40ifi.uio.no&rnum=2&prev=/groups%3Fq%3DOpenBSD%2Bsea.c%26hl%3Den%26lr%3D%26i e%3DUTF-8%26sa%3DN%26scoring%3Dd)
Figured n0c might be interested in reading that! I'm going to try sea.c first since it
seems like the simplest solution. Is the code in the CVS servers or is the news group
post from 1998 the most recent code?
Would you like to Start a Dvd Business?
Re:Originally posted by: guy
sea.c
Nice timing… my googling efforts have just found sea.c and 'option ETHERSPOOF'
do the changes of 'sea' exist after a reboot?
How to Have Healthy Hair – At Any Age
Re:Originally posted by: guy
Might be easier to make the call and set the router up to clone the mac of the FreeBSD box.
Easier than: sea -vd fxp0 00:00:6C:6F:6E:65 fxp1 00:00:77:6F:6C:66 ?
The Best Diet You Have Never Heard Of
Re:Might be easier to make the call and set the router up to clone the mac of the FreeBSD box.
The only way to have Money and Time in the Same Time
Re:OpenBSD's ifconfig doesn't support the 'ether' option.
The NIC is an ISA 3com 3c509-TPO, and I thought I could change it with
the 3c55×9cfg.exe util, but that just changes the IO address and IRQ.
I found this page (http://redhog.org/Projects/Programming/Current/3c5×9setup/) but it doesn't compile! It was complaining about not finding sys/io.h. I removed the include and it complained about not finding certain symbols… turns out those are located in machine/pio.h. I inlucde that header and then it complained about a ioperm() function call… it was only done
once and it didn't look like it would hurt anything to comment it out so I did… the util compiled but now it core dumps. I couldn't google anything on this util and how it works with
OpenBSD.
Cpa Assassin..CPA Networks Have Nowhere to Hide!
Re:Might give 'ifconfig <int> ether lladdr <MAC>' a try. If not the dsniff tools have an app to do it.
Getting Pregnant and Staying Pregnant and Having a Great Birth
Re:Not sure exactly, but have a look in the ifconfig man page, that's how I figured out how to do it on linux (but the same method doesn't work on NetBSD as far as I could tell)
0 Comments.