a cablemodem and mulitcast packet noise@console

To: debian-user@lists.debian.org
Subject: a cablemodem and mulitcast packet noise@console
From: Raghavendra Bhat <ragu@vsnl.com>
Date: Mon, 10 Dec 2001 21:24:16 +0530
Message-id: <[🔎] 20011210155416.GA3253@gnuhead.icarus.net>
Mail-followup-to: Raghavendra Bhat <ragu@vsnl.com>, debian-user@lists.debian.org

Hello:  First off, I  should thank  mad duck  (martin krafft)  and Brian
Bassett (ipmasq maintainer).   I had this problem of  my Motorola SB3100
cable modem,  spewing forth multicast  packet log details on  my console
every  3 minutes  after getting  'ipmasq'  installed.  When  I stop  the
ipmasq firewall  daemon, everything returned to normal.   It was madduck
who  suggested  that  I  had   a  multicast  issue.   I  turned  off  IP
multicasting when compiling the kernel  to stop this 'spew menace'; tho'
that was not the correct solution and even removed 'ipmasq'.

Today,  I re-installed  ipmasq  because this  is  the ultimate  firewall
config tool.   It can setup  firewalling for you  on both the  2.2.x and
2.4.x kernels ie. for both IPChains and IPTables.  I solved the issue by
modifying  the  rule-set   'I32intmcast.def'  in  /etc/ipmasq/rules.   A
similar  file 'I32intmcast.rul' was  created using  'I32intmcast.def' as
the template and the following line under the netfilter section:

    $IPTABLES -A INPUT -j DROP -s 192.168.100.1/27 -d 0.0.0.0/0

solved  the console  noise.  The  default rule-set  in 'I32intmcast.def'
accepts the  multi-casted packet instead  of DROP/DENY and  forwards it.
(I do not  know and am a total  idiot here ;-) Maybe it  is required for
some other interface/service).  Here is the culprit-line:

    $IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -d 224.0.0.0/4 -p ! tcp 

Why did it happen ?  The SB3100 can  also act as a DHCP server for a LAN
consisting of 32  machines (I dunno the exact  figure) and the multicast
noise was generated by this DHCP server with IP 192.168.100.1.  This was
happening even after I unchecked the server option via the Web interface
at this IP.  (I am still clueless).  The rule-set  was written to accept
Internal interface/s multicast packets (I still have to learn why ?).

I am  still reading the IPMasq  docs and I  have no words to  thank this
excellent package/docs.  Look no further  if you want to 'firewall' your
Cable/Dial-up system.  Please do visit the IPMasq site @

    http://ipmasq.cjb.net/

and sorry for this longish troll.

-- 
ragOO, VU2RGU<->http://gnuhead.dyndns.org/<->GPG: 1024D/F1624A6E 
       Helping to keep the  Air-Waves FREE         Amateur Radio 
       Helping to keep your Software  FREE       the GNU Project
       Helping to keep the  W W W     FREE  Debian GNU/${kernel}

Reply to:

Prev by Date: Copying a harddisk to another using dd
Next by Date: gs testing on stable
Previous by thread: Re: Copying a harddisk to another using dd
Next by thread: gs testing on stable
Index(es):
- Date
- Thread