Date: Wed, 26 Mar 2008 11:06:24 +0000 From: Bruce M Simpson <bms@incunabulum.net> To: FreeBSD-Net mailing list <freebsd-net@freebsd.org> Cc: dhartmei@FreeBSD.org Subject: CALL FOR FEEDBACK: IGMP and PF interoperability Message-ID: <47EA2E30.9010806@incunabulum.net>
next in thread | raw e-mail | index | archive | help
It has come to my attention that the default configuration of PF in
FreeBSD will block legitimate outgoing IGMP messages.
PF is currently not the default firewall in FreeBSD. Anyone using
multicast in any way, even for link-scope multicasts (224.x.x.x/24),
will be affected by this issue if they use PF as their firewall.
This issue was described in this thread:
http://lists.freebsd.org/pipermail/freebsd-pf/2006-June/002259.html
The documentation does state that allow-opts needs to be specified
explicitly -- there is no fine grained control for the IPv4 options
actually filtered, however, and currently the IP Router Alert option is
handled in the main path in all BSD derived systems.
Please let me know if you have encountered this issue, so that we can
get started on a workaround.
cheers
BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47EA2E30.9010806>