MACIOC_PROMISC(7mdi)


MACIOC_PROMISC -- MDI enable promiscuous mode ioctl

Description

This ioctl requests that the MDI driver enable promiscuous mode on the adapter. Enabling promiscuous mode means: Promiscuous mode is disabled when the MDI device is opened, and is reset when the device is closed; see open(D2mdi) and close(D2mdi). Multiple opens of the same MDI device are not permitted; this means that only one MDI consumer (for example, a user application or kernel driver) at a time can access the the device. Normally, the dlpid(1M) daemon opens the MDI device when the system goes into multiuser mode.

Promiscuous mode support is optional for MDI drivers. Set the PROMISCUOUS parameter in the driver's bcfg(4dsp) file(s) to true if the driver implements promiscuous mode, or to false if it does not. Use the ndcfg(1M) utility in interactive mode with the promiscuous command to determine if installed network devices support promiscuous mode.

This ioctl can only be sent directly to the MDI device; it will not be passed from the DLPI module (/dev/netX) to the MDI driver (/dev/mdi).

The MACIOC_PROMISC ioctl is valid only if the issuing process is root or has equivalent credentials; drivers should call drv_priv(D3) to determine if the accompanying privileges are appropriate.


NOTE: Promiscuous mode can be useful for network troubleshooting; network monitors and other tools rely on promiscuous mode. However, its use can pose significant security risks, particularly when root integrity has been compromised. For this reason, modifications to MDI drivers concerning promiscuous mode are not supported. For more information, see CERT (Computer Emergency Response Team) Coordination Center advisories concerning network monitoring attacks, available at:

http://www.cert.org


Parameters

None; no ioctl data mblk is associated with this ioctl.

Data returned

None.

Version applicability

mdi: 1, 2, 2.1

References

Intro(7mdi)

``MDI ioctls'' in HDK Technical Reference


25 April 2004
© 2004 The SCO Group, Inc. All rights reserved.
HDK 7.1.0b - 15 March 2000