OK. How doe one block OSPF proto. The web gui does not list OSPF as a proto.
On Thu, 16 Dec 2004 17:47:05 -0500, Chris Buechler <cbuechler at gmail dot com> wrote:
> On Thu, 16 Dec 2004 10:33:59 -0700, anders knudsen <andersbk at gmail dot com> wrote:
> > I have qwest dsl. The modem is set up in bridge mode (essentially it's
> > just a transceiver.)
> > m0n0wall is authenticating via PPPoE, and NAT/Firewall are working perfectly.
> > My concern is that ipf is blocking ospf requests from qwest. Will this
> > be a problem? Is it possible/safe to create an ipf rule to not log
> > these requests, as they are very frequent (see output from ipmon
> > below. I removed the source IP...and the 224 is obviously the ospf
> > broadcast address.)
> > I did search the mailing list, and read all the various posts
> > about/requesting ospf support, and can understand why it's not
> > included. I'm not asking for this feature, just trying to understand
> > if blocking these will affect me.
> Not going to hurt anything. That's their OSPF which only affects
> their routers. They really shouldn't be advertising out
> customer-facing interfaces, but we won't go there. :) (depending on
> their network design, if it's not well done, they may have to)
> Yes, you can safely drop and not log it.