[ previous ] [ next ] [ threads ]
 
 From:  anders knudsen <andersbk at gmail dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Qwest DSL OSPF blocking?
 Date:  Thu, 16 Dec 2004 23:46:18 -0700 
OK. How doe one block OSPF proto. The web gui does not list OSPF as a proto.

-Anders

On Thu, 16 Dec 2004 17:47:05 -0500, Chris Buechler <cbuechler at gmail dot com> wrote:
> On Thu, 16 Dec 2004 10:33:59 -0700, anders knudsen <andersbk at gmail dot com> wrote:
> > I have qwest dsl. The modem is set up in bridge mode (essentially it's
> > just a transceiver.)
> > m0n0wall is authenticating via PPPoE, and NAT/Firewall are working perfectly.
> > My concern is that ipf is blocking ospf requests from qwest. Will this
> > be a problem? Is it possible/safe to create an ipf rule to not log
> > these requests, as they are very frequent (see output from ipmon
> > below. I removed the source IP...and the 224 is obviously the ospf
> > broadcast address.)
> >
> > I did search the mailing list, and read all the various posts
> > about/requesting ospf support, and can understand why it's not
> > included. I'm not asking for this feature, just trying to understand
> > if blocking these will affect me.
> >
> 
> Not going to hurt anything.  That's their OSPF which only affects
> their routers.  They really shouldn't be advertising out
> customer-facing interfaces, but we won't go there.  :)  (depending on
> their network design, if it's not well done, they may have to)
> 
> Yes, you can safely drop and not log it.
> 
> -Chris
>