From owner-freebsd-pf@FreeBSD.ORG  Mon Dec  5 11:10:54 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5643416A41F
	for <freebsd-pf@freebsd.org>; Mon,  5 Dec 2005 11:10:54 +0000 (GMT)
	(envelope-from solinym@gmail.com)
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.194])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BBC4F43D60
	for <freebsd-pf@freebsd.org>; Mon,  5 Dec 2005 11:10:53 +0000 (GMT)
	(envelope-from solinym@gmail.com)
Received: by wproxy.gmail.com with SMTP id 55so32190wri
	for <freebsd-pf@freebsd.org>; Mon, 05 Dec 2005 03:10:53 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=gCXmmy7hbhFVv1Gl+6qX1c8Bg4FiaCOLR9m4dNJJB9cWUHwdFs9eykCYmU6Nl0GNru6HUzyx0MNaAWaxbua4+TBGHGbX8t49QH5PnZzqFHxXnWh8fUk21yPx9h5ENZtsKP0GZU9iC09fUPLdanI6kPLH2a1qsi588+qg+GGt8/E=
Received: by 10.54.156.15 with SMTP id d15mr363105wre;
	Mon, 05 Dec 2005 03:10:52 -0800 (PST)
Received: by 10.54.81.20 with HTTP; Mon, 5 Dec 2005 03:10:52 -0800 (PST)
Message-ID: <d4f1333a0512050310h16e684abi6b98814fe6f29a96@mail.gmail.com>
Date: Mon, 5 Dec 2005 05:10:52 -0600
From: "Travis H." <solinym@gmail.com>
To: Jany <sebosik@demax.sk>
In-Reply-To: <437A6296.2010105@demax.sk>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <437A6296.2010105@demax.sk>
Cc: freebsd-pf@freebsd.org
Subject: Re: Multicast over NAT
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2005 11:10:54 -0000

> I found that I need to allow packets with allow-opts (IGMP) - which I
> also tried, but it doesn`t help... If i trie to fetch playlist in VLC
> via SAP announces, it sends some IGMP packets to $int_if, but they won`t
> pass out on $ext_if. Is it possible to config Packet Filter to support
> multicast traffic.

IGMP is its own protocol, like TCP or UDP.  You need to create a rule
that allows it.  Also you will likely need to create rules for the
appropriate multicast addresses; I don't think that referring to an
interface will pick up the multicast addresses (it doesn't pick up
subnet-directed broadcast or local broadcast).

Beyond that, I don't know.  I've never fooled with IGMP... if all else
fails, consider reading the RFC.
--
http://www.lightconsulting.com/~travis/  -><- Knight of the Lambda Calculus
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B