Mac spoof on wan - pppoe doesnt work

jimp

You'd probably have to do a packet capture on the physical interface (e.g. vr2) to see that.

From the shell, something like this may work:

tcpdump -vvvnei vr2

xbipin

i tried it and as soon as i go under interfaces->wan and feed in a new mac id and apply the pppoe link under ppp under assign looses its itnerface and i get the below in system log so then i reassign the vr1 interface which is for my wan and pppoe connects but still with the actual mac id, not the spoofed one so i guess it still doesnt work

Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).

wallabybob

Did you disable and enable the PPP link around changing the MAC address?

Did you restart the box after changing the MAC address?

xbipin

i restarted now and it seems its using the applied mac id now so i guess it works now so 2 things need to be done, when u apply the new mac id, the itnerface from the ppp link gets lost so it needs to be reaggined so probably that needs a patch so u dont have to go around doing it manually and also put up a note saying to restart the box when mac spoof is used

rbgarga

Following commit should fix the issue, please let me know if it works.

https://github.com/bsdperimeter/pfsense/commit/254ebf8b0fb9a8042d154ab2206d7c4f3f16b487

xbipin

ill test it in some while now and report back

rbgarga

There is a more recent commit with a better solution. Please consider testing this one.

https://github.com/bsdperimeter/pfsense/commit/84086442a2fa40b0fba12cf00a935144de3c5e71

xbipin

tried, it works well but some issues. after i enter a spoofed mac id, it gets implemented and pppoe reconnects and uses the new mac id and everything well but once i goto that spoofed mac id field and remove it and apply again, pppoe reconnects but under ppp tab etc it still keeps showing the spoofed mac id, not the original one, now i tried to do a trace from console to see what amc id its suing for the new connection but wasnt able to as my console hangs, this happens to me a couple of times when i see AT OK in console randomly, so i wasnt able to see is the original mac id being used or no but after a reboot the gui starts showing the original mac id so it might just be a gui bug but in general mac spoof works fine now, thanks

kathampy

When I set a fake MAC address in the PPPoE interface page and attempt to connect, WireShark shows PADI packets still being broadcasted from em0's MAC address. I'm running 2.0.2-RELEASE.

rbgarga

@xbipin:

tried, it works well but some issues. after i enter a spoofed mac id, it gets implemented and pppoe reconnects and uses the new mac id and everything well but once i goto that spoofed mac id field and remove it and apply again, pppoe reconnects but under ppp tab etc it still keeps showing the spoofed mac id, not the original one, now i tried to do a trace from console to see what amc id its suing for the new connection but wasnt able to as my console hangs, this happens to me a couple of times when i see AT OK in console randomly, so i wasnt able to see is the original mac id being used or no but after a reboot the gui starts showing the original mac id so it might just be a gui bug but in general mac spoof works fine now, thanks

The only way to restore original MAC is rebooting (or filling it manually), since we do not keep this information anywhere.