General Questions

In the past when I was using my little Linksys WRT54G, I was able to spoof the MAC address for my Cable connection using the "clone mac" feature. I would do this because this would change my WAN IP if needed . I was able to use any MAC I wanted, and it would work and give me a different IP for every MAC I tried (great isp hmm? ).  Anyways, I tried doing that just now by going to Interfaces > WAN in m0n0wall, and I used a MAC that was a little different than the real burned in address, just to test it out.

After changing a few chars in it to different HEX digits, I saved it. Then I released/renewed my WAN IP as I would do with the Linksys. I checked Status > Interfaces and I wasn't getting a WAN IP  . It would show up as 0.0.0.0 / 255.0.0.0. So I cleared out the spoofed MAC, saved, released, renewed... set everything back to normal....and I still couldnt get out to the internet.

Funny thing was that in the Status > Interfaces it was still showing the spoofed MAC even though I cleared it out, released, and renewed! So I rebooted, and then the firewall wouldn't even boot up. It would get to this point and then stop loading:

Code:

FreeBSD/i386 bootstrap loader, Revision 0.8
(root@fb411.neon1.net, Sun May  8 12:15:29 CEST 2005)
/kernel text=0x2eeb60 data=0x69d50+0x2221c syms=[0x4+0x409a0+0x4+0x489a6]
/

So I popped in a freshly formatted floppy, rebooted, and was able to get in and set my interfaces again and restore my backed up config that I created before messing with this stuff And that's where I left off. Everything is OK now, but that MAC spoofing really screwed me up. I've tried using the spoof MAC back in 1.22 and it also did the same thing as mentioned above... I was going to report it but couldn't find where to do that at the time.

I just tried doing the spoofing again with the old linksys and it still works.... so I know my ISP still allows this IP changing... or 'hasn't fixed it' I should say   But I'm just wondering what the Linksys is doing that m0n0wall isnt, or if this is a bug... or whatever. I posted some screenshots below of the Linksys spoofing, not sure if it will help with anything, but it's proof that it works. Thanks in advance!

Monowall Version: 1.23
Cable Modem: Motorola SB5100

00:04:5A:AA:94:CC
(http://img79.imageshack.us/img79/5588/macys8.png)
00:04:5A:BB:91:AA (spoofed, and it works!)
(http://img79.imageshack.us/img79/2403/mac2xe6.png)

There are a lot of people that use MAC spoofing with no problems. This is definitely not a widespread bug. Why it won't reboot after you do that doesn't make sense, at the point it's stopping it hasn't even attempted to read config.xml, so that definitely seems completely unrelated.

Not sure what to tell you. I'm relatively certain it probably isn't a bug but I'll leave it here since some of what you describe leaves me not 100% sure.

I've been playing around with everything I can think of, to see if I could get it to go, and here are my results:

I notice that when I spoofed the MAC with the Linksys router, this new  spoofed mac is added to a table in my SB5100 cable modem as a "Learned" MAC address. So I tried one of the MACs that I used as a spoof in the past with the Linksys, but instead in m0n0wall. This was just to see if that would work, since that MAC had worked with the Linksys, and the modem already has it recognized as a 'Learned MAC'. But...no luck there.

Right after that I tried rebooting the modem, then releasing/renewing from m0n0wall, and no luck.

I tried rebooting m0n0wall WITH the spoofed address still entered. It did the reboot fine, but still would not pick up an IP address after the reboot. So I took out the spoofed address, saved, released, renewed. And still no internet connection. Rebooted, and now I was able to get internet. But of course the spoofed MAC is not in there. So I can never get internet with the spoofed MAC.

I checked out the logs throughout all this releasing and renewing and it always would give me something like:

dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 3
dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 6
dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 11
dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 9
dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 10
dhclient: DHCPDISCOVER on rl1 to 255.255.255.255 port 67 interval 16
dhclient: No DHCPOFFERS received.
dhclient: No working leases in persistent database - sleeping.

I'm thinking about trying a different network card. Not sure if that would really matter, but it's worth a shot I guess. Also, I think there just may be a bug with the part when I clear out the spoofed mac, but it still remembers and uses that MAC as shown in the Status>Interfaces area. Because after clearing it out and saving, it shouldnt remember that spoofed MAC at all. I have to reboot for it to forget about it. I'm guessing if it did forget about it, and use the actual burned-in address after I cleared it out, I wouldn't have to reboot to get internet there. But you guys probably know more about it, and as you said it works fine for others, so I wont flat out just call it a bug. I'm going to try another card right now just to see, so I will post back when done. Thanks for the help so far! 

Using a different card worked! I can now spoof the mac and get a new IP with m0n0wall, without rebooting or having to do anything out of the ordinary. Works just like I wanted it to 

So there's no bug with the MAC spoof, just a quirky network card I guess. Later I can post the brand/model number in case you guys want if you want to troubleshoot that bug, or so people can avoid using that card  I believe it's an older card, so that may be why.

Anyways, thanks again!

Oh! Yeah, you're right, I didn't think about that earlier. Some NIC cards don't support MAC spoofing, regardless of OS. IIRC on FreeBSD they have to support promiscuous mode and some (though very few) NIC's don't. That's at least part of the equation, there may be more to it than that.

I'll move this to a more appropriate board for future reference of others.