Have noticed on a recent install of FreeBSD 10.1 network firewall (pf) ,by accident, that if I enable tcpdump on the external interface, I can easily obtain an IP address via Dhclient on a Comcast cable network. If I close the Tcpdump program, I can no longer ping external ip's such as google dns, or the IPV6 endpoint of a 6-4 tunnel. Once I restart the Tcpdump program, all connectivity is restored. I believe the code in common is the bpf (Berkley Packet Filter).
Have observed the same behavior using FreeBSD 9.3 on the same hardware.
Seems rather odd that I need to have tcpdump running all the time on this firewall. Condition is persistant through reboots. Devices noted in /dev are bpf, and bpf0. Should there be more bpf devices? I remember a while back the kernel options allowed a number option... is that still the case?
network interfaces are RealTek , re0 and re1