Date: Sun, 10 Jun 2001 20:35:36 -0400 From: "Louis A. Mamakos" <louie@TransSys.COM> To: Brian Somers <brian@Awfulhak.org> Cc: moncrg@ma.ultranet.com, FreeBSD Net <FreeBSD-net@FreeBSD.ORG> Subject: Re: how to filter out igmp spam on a ppp -nat dialup? Message-ID: <200106110035.f5B0ZaI87538@whizzo.transsys.com> In-Reply-To: Your message of "Sun, 10 Jun 2001 23:33:48 BST." <200106102233.f5AMXmR02476@hak.lan.Awfulhak.org> References: <200106102233.f5AMXmR02476@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > this traffic is holding my ppp connection open > > for hours at a time, is there any way to filter > > this out > > > > I tried adding `set filter in 0 deny igmp` > > to my ppp.conf config but then I couldn't do external > > DNS. > > Try > > set filter alive 0 deny igmp > set filter alive 1 permit 0 0 > > Maybe the DNS problem was caused by not having a final permit rule > (falling off the end of the filter set is the same as a deny). You ought to take the approch of specifing what sort of traffic you'd like to have keep up the link, rather than trying to exclude types of traffic as you happen to find it. With a simple filter like that you'll still have the link kept up by ICMP (e.g, PING, etc.) traffic. Or if you decide to run NTP, you'll have the link kept up by that periodic traffic as well. I you configure inclusion rules for the traffic you care about (e.g., SMTP, ssh, etc) you'll be less likely to be surprised in the future. BTW, the IGMP traffic is probably due to the remote RAS box being multicast capable and it doing periodic group membership queries on the link to see what multicast groups the host on the other end of the link was subscribed to. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106110035.f5B0ZaI87538>