[ previous ] [ next ] [ threads ]
 
 From:  "Paul Dugas" <paul at dugas dot cc>
 To:  "m0n0wall Mailing List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Block IGMP
 Date:  Mon, 6 Jun 2005 11:29:25 -0400 (EDT) 
Okay, I seem to be brain dead.  I want to keep "Log packets blocked by the
default rule" enabled but I don't want to see all the IGMP traffic
generated by another router I have in place.  I added a firewall rule on
the LAN interface (where the IGMP-noisy router is connected) to block it
without logging it (proto=IGMP src=*:* dst=*:*) but it's not doing the
trick.  I moved the rule to the top of the list too.

Details:
  Main Router: m0n0-1.2b8
    sis0 is LAN:  10.10.2.1/24
    sis1 is WAN:  dynamic (PPPoE)
    sis2 is WLAN: 10.10.3.1/24
  Other Router:
    LAN0: 10.10.2.4/24
    LAN1: 10.10.99.1/24
  Logged Packets: about every 2 minutes
    LAN  	10.10.99.1  	224.0.0.1  	IGMP
    LAN  	10.10.2.4  	224.0.0.1  	IGMP
    LAN  	10.10.99.1  	224.0.0.1  	IGMP

Annoying.  Suggestions appreciated.

Paul
-- 
Paul Dugas, Computer Engineer           Dugas Enterprises, LLC
paul at dugas dot cc     phone: 404-932-1355   522 Black Canyon Park
http://dugas.cc     fax: 866-751-6494   Canton, GA 30114 USA