Date: Sun, 6 Oct 2019 16:25:26 -0400 From: <starikarp@dismail.de> To: freebsd-ipfw@freebsd.org Subject: Re: igmp query v3 Message-ID: <20191006162526.376c0b95@dismail.de> In-Reply-To: <201910061915.x96JFLAJ068660@gndrsh.dnsmgr.net> References: <20191006145853.1459f62e@dismail.de> <201910061915.x96JFLAJ068660@gndrsh.dnsmgr.net>
index | next in thread | previous in thread | raw e-mail
On Sun, 6 Oct 2019 12:15:21 -0700 (PDT) "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > Hi! > > > > My system is FreeBSD 12.0-RELEASE-p10 (amd64) and I start learning > > ipfw firewall. > > I have a line: > > cmd 01090 deny log all from any to 224.0.0.0/4 in via $pif > ^^^ all translates to ipv4 or ipv6 > > From /etc/protocols ip is protocol 0, ipv6 is protocol 41 > igmp is protocol 2 > > Your rule needs to be > cmd 01090 deny log igmp from any to 224.0.0.0/4 in via $pif > > > but I never seen anything about blocking igmp. > > Mine pf firewall settings block all the time and I get: > > > > listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture > > size 262144 bytes 2019-10-05 06:47:08.677668 rule 12/0(match): > > block in on bge0: 192.168.1.1 > 224.0.0.1: igmp query v3 [max resp > > time 1.0s] > > > > Why ipfw doesn't block anything, please? What I doing wrong? > > > > Thank you. > > > > > > -- Thank you. -- “Hungry man, reach for the book: it is a weapon.” ― Bertolt Brechthelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191006162526.376c0b95>