IPFW shows me Strangeness in fresh 8.2-RELEASE system
Ronald F. Guilmette
rfg at tristatelogic.com
Sun Oct 23 01:05:49 UTC 2011
I've been slowly bringing up a fresh new 8.2-RELEASE system on one of my
static IPs, and I've set up some minimalist ipfw rules, just for the time
being, to try to protect it from Evil Invaders. I arranged for these rules
to log all unexpected inbound packets coming in via the one and only ethernet
card.
The card has been ifconfig'd as follows:
ifconfig_rl0="inet 69.62.255.119 netmask 255.255.255.0"
I'll admit to being ignorant about many of the finer details of networking
generally, but to my way of thinking, the above configuration should cause
the card to really only listen for inbound packets addressed to 69.62.255.119.
Yes? No?
Well, anyway, that's been my experience in the past.
The odd thing is that I'm getting some inbound packets logged by my final
``catch all'' deny & log rule in my IPFW rules list, where the destination
IP address on the packets being logged is *not* 69.62.255.119.
This is absolutely puzzling to me, and I hope that somebody can explain it
to me. I mean how can this occur? The destination IP addresses in question
aren't even in the same /24 as my machine, so I really don't understand how
or why my card is even receiving these packets.
The inbound packets in question are not really a problem. I can easily
figure out how to add additional ipfw rules to block them completely.
But the very fact that my ethernet card is even hearing them, given its
configured IP address, is rather disturbing to me, because it obviously
means that there's something deep going on here that I just don't understand,
but I would like to understand it.
The packets in question seem to come in three flavors. About 1/3 of them look
like this in the /var/log/security file:
Oct 22 17:12:38 coredump kernel: ipfw: 1600 Deny UDP 0.0.0.0:68 255.255.255.255:67 in via rl0
Some others look like this:
Oct 22 17:12:27 coredump kernel: ipfw: 1600 Deny UDP 67.159.149.215:50669 255.255.255.255:2223 in via rl0
Still others look like this:
Oct 22 17:12:01 coredump kernel: ipfw: 1600 Deny UDP 67.159.139.178:520 67.159.139.191:520 in via rl0
The destination addresses for all of the logged packets represented above are
quite clearly *not* the IP address of the machine I'm setting up. Not even
close.
Note that the machine I've been setting up is on a static IP address on an
ordinary end-luser DSL line. Note also that all addresses within the
67.159.128.0/19 block belong to my own ISP, Surewest Broadband. So it would
seem to be the case that some other folks or businesses who use my same ISP
may perhaps be sending out some funny (and misdirected?) packets, but that's
not an issue that concerns me. What does concern me is just the fact that
my ethernet card seems to be listening to packets that aren't even addressed
to it, and I really just don't understand why.
Any enlightenment would be appreciated.
Regards,
rfg
P.S. This is the first time I've ever touched FreeBSD 8.x. I've been using
7.x releases in the past however, and before that 6.x and 5.x releases and
I've really never seen anything quite like this before. Do 8.x releases now
cause ethernet cards to listen for stuff they should not even be listening
for?
Color me perplexed.
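An added example, not part of the original message and not FreeBSD code: a small Python script that parses ipfw log lines of the kind quoted above and classifies each destination address against the interface's configured address and netmask. Its input is the three lines from the message plus one constructed ICMP line (to show the port-less log format); the local interface is taken from the ifconfig line in the message. The classifier makes explicit that two of the three logged packets went to the limited broadcast address 255.255.255.255, which every host on a broadcast segment receives in a frame to the broadcast MAC regardless of the IP address it has configured (a DHCP client request from 0.0.0.0:68 to port 67 is the textbook case), while the third went to an address outside the local /24 that cannot be resolved further without knowing the ISP's subnetting. The port hints and category names are this example's own choices.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample input: the three /var/log/security lines quoted in the
# message, plus one ICMP line (constructed) to exercise the port-less format.
SAMPLE_LOG = """\
Oct 22 17:12:38 coredump kernel: ipfw: 1600 Deny UDP 0.0.0.0:68 255.255.255.255:67 in via rl0
Oct 22 17:12:27 coredump kernel: ipfw: 1600 Deny UDP 67.159.149.215:50669 255.255.255.255:2223 in via rl0
Oct 22 17:12:01 coredump kernel: ipfw: 1600 Deny UDP 67.159.139.178:520 67.159.139.191:520 in via rl0
Oct 22 17:13:05 coredump kernel: ipfw: 1600 Deny ICMP:8.0 198.51.100.7 69.62.255.119 in via rl0
"""

# Matches the body of an ipfw log line: rule number, action, protocol,
# src[:port], dst[:port], direction and interface. Ports are optional
# because ICMP and other non-TCP/UDP entries are logged without them.
LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\S+) (?P<proto>\S+) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?::(?P<sport>\d+))? "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?::(?P<dport>\d+))? "
    r"(?P<direction>in|out) via (?P<iface>\S+)"
)

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

# Well-known UDP ports that explain the traffic seen in the message.
PORT_HINTS = {
    67: "bootps (DHCP server side)",
    68: "bootpc (DHCP client side)",
    520: "RIP routing updates",
}


def parse_ipfw_line(line):
    """Return a dict describing one ipfw log line, or None if it is not one."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["rule"] = int(rec["rule"])
    rec["sport"] = int(rec["sport"]) if rec["sport"] is not None else None
    rec["dport"] = int(rec["dport"]) if rec["dport"] is not None else None
    rec["hint"] = PORT_HINTS.get(rec["dport"])
    return rec


def classify_destination(dst, local_iface):
    """Say why a packet with destination `dst` could reach an interface
    configured as `local_iface` (an IPv4Interface or 'addr/netmask' string)."""
    if isinstance(local_iface, str):
        local_iface = ipaddress.IPv4Interface(local_iface)
    addr = ipaddress.IPv4Address(dst)
    if addr == local_iface.ip:
        return "unicast-to-host"
    if addr == LIMITED_BROADCAST:
        # Carried in a frame to the broadcast MAC; every host on the
        # segment receives it no matter what IP it has configured.
        return "limited-broadcast"
    if addr == local_iface.network.broadcast_address:
        return "directed-broadcast-local-net"
    if addr.is_multicast:
        return "multicast"
    if addr in local_iface.network:
        # Same network but another host: normally only seen when the NIC is
        # in promiscuous mode or the segment floods unicast frames (a hub,
        # or a switch that has not learned the destination MAC).
        return "unicast-other-host-on-local-net"
    # Outside the local network: the broadcast address of some other subnet
    # sharing the same layer-2 segment would land here, but that cannot be
    # decided from the local netmask alone.
    return "outside-local-net"


def summarize(log_text, local_iface):
    """Count inbound ipfw log entries by destination class.
    `local_iface` is the address with netmask, e.g.
    '69.62.255.119/255.255.255.0' as in the message's ifconfig line."""
    iface = ipaddress.IPv4Interface(local_iface)
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_ipfw_line(line)
        if rec is None or rec["direction"] != "in":
            continue
        counts[classify_destination(rec["dst"], iface)] += 1
    return dict(counts)


if __name__ == "__main__":
    local = "69.62.255.119/255.255.255.0"
    for line in SAMPLE_LOG.splitlines():
        rec = parse_ipfw_line(line)
        kind = classify_destination(rec["dst"], local)
        hint = f" ({rec['hint']})" if rec["hint"] else ""
        print(f"rule {rec['rule']} {rec['proto']} -> {rec['dst']}: {kind}{hint}")
    print(summarize(SAMPLE_LOG, local))
```

To run it over a real system, pass the contents of /var/log/security to `summarize` together with the interface's own address and netmask; entries classified as `unicast-other-host-on-local-net` are the ones worth a second look, since those are the packets a non-promiscuous card on a switched segment should not normally see.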