Re: iptables igmp evil protocol!

To: john smith <inquirer23@hotmail.com>
Cc: <debian-firewall@lists.debian.org>
Subject: Re: iptables igmp evil protocol!
From: Tzafrir Cohen <tzafrir@technion.ac.il>
Date: Mon, 20 Aug 2001 10:55:48 +0300 (IDT)
Message-id: <[🔎] Pine.GSO.4.33_heb2.09.0108201050040.14540-100000@techunix.technion.ac.il>
In-reply-to: <[🔎] F100FGKPeWnEUDS6cRX0000b414@hotmail.com>

On Sun, 19 Aug 2001, john smith wrote:

> I would like to know how to drop or deny igmp multicast protocols.because
> of this annoying console message "SRC=209.247.5.159 DST=224.0.0.1 LEN=28
> TOS=0x00 PREC=0x00 TTL=1 ID=16163 PROTO=2".
> Adding *any* of the lines below in my firewall script doesn't do what it's
> supposed to do.
>
> $IPT -A OUTPUT -s 209.247.5.159 -j DROP

It's INPUT you're after

> $IPT -A INPUT -s 209.247.5.159 -j DROP
> $IPT -A INPUT -p igmp -d 244.0.0.1 -j DROP

Maybe it is explicitly allowed earlier. Maybe there is a line like:

$IPT -A INPUT -s 209.247.5.0/24 -j ACCEPT

earlier in the script.

For the purpose of testing you can replace '-A' with '-I 1' ('insert',
assuming iptables here has the same syntax to ipchains)

>
> Also tried to disable igmp protocol in /etc/protocols by commenting it but
> it didn't work either...

This only means that ipytables won't be able to resolve protocol number 2
to 'igmp' and vice-versa. It won't make the packets go away.

>
> How do I make the annoying broadcast message go to /dev/null so I won't have
> to see it everytime I am connected to the internet via dial-up if I cannot
> delete igmp protocol?

(Not 'delete', 'ignore')

-- 
Tzafrir Cohen
mailto:tzafrir@technion.ac.il
http://www.technion.ac.il/~tzafrir

Reply to:

References:
- iptables igmp evil protocol!
  - From: "john smith" <inquirer23@hotmail.com>

Prev by Date: connections through NAT are disconnected
Next by Date: Re: Firewall scripting - loops howto
Previous by thread: Re: Firewall
Next by thread: Re: iptables igmp evil protocol!
Index(es):
- Date
- Thread