[lug] OT: Wake On Lan

D. Stimits stimits at attbi.com
Tue Aug 27 13:47:37 MDT 2002 

Peter Hutnick wrote:
>>watch what is sent (DHCP broadcasts are apparently from normally
>>non-routeable IP's). Still, I thought that this machine would ignore
>>such broadcasts, I have in theory disabled WOL both in the o/s and in
>>the BIOS.
> 
> 
> WOL has nothing to do with IP.  There is no IP stack in your NIC . . .

I understand this, but the filtering bridge is NOT the machine waking 
up. The bridge is passing broadcasts from any IP to broadcast. The 
*source* IP of the broadcast does indeed exist, there just is not a 
destination. For example, there is a 10.x.x.x IP address doing some of 
the port 68/69 DHCP work, and it uses broadcasts. I know from testing I 
have to let it pass, or machines cannot get their IP. But it also allows 
all packets from all 12.x.x.x broadcasts, and I do not know just which 
broadcasts I can remove via the bridge firewall. This is quite possible 
to filter based on source IP, and does not involve destination IP. The 
filter is a Linux bridge, the machine waking up is Win 98. I suspect the 
source is a 12.x.x.x address.

I think things will be a bit easier to deal with after I upgrade the 
kernel, the newest kernels offer MAC address targets for firewalling 
rules. I do not want to simply remove all broadcasts from the 12.x.x.x 
range, I have plans for its use internally (too bad it isn't so easy to 
dual-IP NIC's on win98, I could just create a separate internal IP 
network...until this project I had not realized just how primitive 
windows networking is, even on Win2K, which is far more advanced than 98).

> 
> AFAIK it uses raw ethernet frames.
> 
> I'm not much of a programmer, but you might find
> ftp://ftp.scyld.com/pub/diag/ether-wake.c instructive.

The interesting thing from the articles so far seems to be that there is 
a magic byte sequence, and that no matter what protocol or address is 
used, when in WOL standby mode, the NIC will wake up if that byte 
sequence is seen. If it sees on a HUB this packet sequence from an 
unrelated tcp/ip, udp, or broadcast, even if not intended to be WOL, it 
will wake up. The trick seems to be that at shutdown or power off, the 
NIC has to transition to this mode. Looks like something in 98 is flakey 
(imagine that!), and putting it into the WOL mode even when it is told 
not to. The wakeup software itself seems to use UDP code for various 
manager solutions, but the only reason for UDP is that it does not 
require a connection...tcp/ip would work just as well if a HUB (versus 
switch) were used.

D. Stimits, stimits AT attbi.com

More information about the LUG mailing list