igmp query v3
Rodney W. Grimes
freebsd-rwg at gndrsh.dnsmgr.net
Sun Oct 6 19:15:36 UTC 2019
> Hi!
>
> My system is FreeBSD 12.0-RELEASE-p10 (amd64) and I start learning ipfw
> firewall.
> I have a line:
> cmd 01090 deny log all from any to 224.0.0.0/4 in via $pif
^^^ all translates to ipv4 or ipv6
>From /etc/protocols ip is protocol 0, ipv6 is protocol 41
igmp is protocol 2
Your rule needs to be
cmd 01090 deny log igmp from any to 224.0.0.0/4 in via $pif
> but I never seen anything about blocking igmp.
> Mine pf firewall settings block all the time and I get:
>
> listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes
> 2019-10-05 06:47:08.677668 rule 12/0(match): block in on bge0:
> 192.168.1.1 > 224.0.0.1: igmp query v3 [max resp time 1.0s]
>
> Why ipfw doesn't block anything, please? What I doing wrong?
>
> Thank you.
>
>
> --
> ?Hungry man, reach for the book: it is a weapon.?
>
> ? Bertolt Brecht
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>
>
--
Rod Grimes rgrimes at freebsd.org
More information about the freebsd-ipfw
mailing list