Date: Sun, 6 Oct 2019 16:25:26 -0400 From: <starikarp@dismail.de> To: freebsd-ipfw@freebsd.org Subject: Re: igmp query v3 Message-ID: <20191006162526.376c0b95@dismail.de> In-Reply-To: <201910061915.x96JFLAJ068660@gndrsh.dnsmgr.net> References: <20191006145853.1459f62e@dismail.de> <201910061915.x96JFLAJ068660@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 6 Oct 2019 12:15:21 -0700 (PDT) "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > Hi! > >=20 > > My system is FreeBSD 12.0-RELEASE-p10 (amd64) and I start learning > > ipfw firewall. > > I have a line: > > cmd 01090 deny log all from any to 224.0.0.0/4 in via $pif > ^^^ all translates to ipv4 or ipv6 >=20 > From /etc/protocols ip is protocol 0, ipv6 is protocol 41 > igmp is protocol 2 >=20 > Your rule needs to be > cmd 01090 deny log igmp from any to 224.0.0.0/4 in via $pif >=20 > > but I never seen anything about blocking igmp. > > Mine pf firewall settings block all the time and I get: > >=20 > > listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture > > size 262144 bytes 2019-10-05 06:47:08.677668 rule 12/0(match): > > block in on bge0: 192.168.1.1 > 224.0.0.1: igmp query v3 [max resp > > time 1.0s] > >=20 > > Why ipfw doesn't block anything, please? What I doing wrong? > >=20 > > Thank you. > >=20 > >=20 > > --=20 Thank you. --=20 =E2=80=9CHungry man, reach for the book: it is a weapon.=E2=80=9D=20 =E2=80=95 Bertolt Brecht
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191006162526.376c0b95>