yes I have to do the bios update once
Exchanging onboard nics will be difficult
i can only buy a new 4 port network card
as I said when I enter the command it runs until a restart
ethtool -K green0 gso off gro off tso off
a startup script that executes the command after every restart would be enough for me
I have reported the bug
Iām just afraid that nothing will happen there
supposedly no problem according to admin
It has to do with the lack of post-initialise reset that was taken out. I am pretty sure that this is the case. The problem will go away with this envoked at a root terminal on ipfire
ethtool -K green0 gso off gro off tso off tx off rx off rxvlan off txvlan off
The question becomes how to invoke this at bootup since this patch would have to be ran once at boot time.
The problem has been resolved for me
I switched to a different network card
I switched to the HPE NC364T
Since then itās been quiet
thats literally the best solution 
making a real network driver is the real option.
The reasons why OEMs only provide a driver for a few Linux distributions (if any) and the source code is because they have to make a new driver every time the Kernel changes. But this even happens on other OS platforms too when they have a kernel change.
What puts difficulty in this is the tools required to compile a driver are not included in Ipfire and this should change because an OS should allow drivers to be developed on itself.
I have thought of ripping out Ipfire Perl code and implant it on a stripped down Ubuntu server so I could use the apt system to install all of the build-essentials to compile programs and drivers. But its going to be the same amount of work as manually installing these tools. So for now Iām opting to compile in Ipfire.
Install git and make which are available as addons and with them you can then do your build as per the documentation.
https://www.ipfire.org/docs/devel/ipfire-2-x/build-initial#ipfire
However you will need to build a complete IPFire and not just a driver on its own as all modules are signed by the kernel during building and the key is then thrown away so new driver modules canāt just be added as separate binaries. The kernel will not recognise and use them.
That is the whole thing, ipfire needs these packages installed on them by default or provide pre compiled drivers at every kernel update like the other distributions. Otherwise the OS maintainers will not have control of what works and rely on basic drivers.
I fully disagree with you on that point. Build tools that enable all the compiler tools to be built should not be by default in a production IPFire system.
You should be installing them on a hardware or vm system running on one of your subnets behind your IPFire production system. The install command is not exactly difficult or time consuming, although depending on the IPFire system you are using the build time might be a bit long.
IPFire is not a standard general pupose distribution, it is a Firewall Distribution that should be much more secure.
We provide the drivers that are available in the kernel together with firmware updates from the intel-microcode, linux-firmware, zd1211-firmware .... packages.
We are not going to build any and every out of tree driver. We donāt have the resources to do that for every kernel update and also some of those out of tree drivers are not in the kernel because they are not considered good enough.
adding gcc compiler, and other program modules doesnāt effect security.
adding things that bypasses configurations like avahi-daemon would be a security risk.