Re: [m0n0wall] Block IGMP

From:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall Mailing List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Block IGMP
Date:	Mon, 6 Jun 2005 11:59:56 -0400

On 6/6/05, Paul Dugas <paul at dugas dot cc> wrote:
> Okay, I seem to be brain dead.  I want to keep "Log packets blocked by the
> default rule" enabled but I don't want to see all the IGMP traffic
> generated by another router I have in place.  I added a firewall rule on
> the LAN interface (where the IGMP-noisy router is connected) to block it
> without logging it (proto=IGMP src=*:* dst=*:*) but it's not doing the
> trick.  I moved the rule to the top of the list too.
> 
> Details:
>   Main Router: m0n0-1.2b8
>     sis0 is LAN:  10.10.2.1/24
>     sis1 is WAN:  dynamic (PPPoE)
>     sis2 is WLAN: 10.10.3.1/24
>   Other Router:
>     LAN0: 10.10.2.4/24
>     LAN1: 10.10.99.1/24
>   Logged Packets: about every 2 minutes
>     LAN         10.10.99.1      224.0.0.1       IGMP
>     LAN         10.10.2.4       224.0.0.1       IGMP
>     LAN         10.10.99.1      224.0.0.1       IGMP
> 

From which rule?  
http://m0n0.ch/wall/docbook/troubleshooting-firewall-rules.html

-Chris