Netgate Discussion Forum

    multicast 224.0.0.22 incorrectly flagged by !RFC1918 alias

    • CatSpecial202

      Hello, I had a log today that doesn't make sense. The firewall System Logs are reporting that 224.0.0.22 IGMP is being blocked by a rule that does not have this IP as blocked.

      Here you can see the list with the IGMP block:

      This is the rule that the log is flagging as blocking:


      • NOCling

        No, it's correct; this IP space is not part of RFC1918.
        https://www.rfc-editor.org/rfc/rfc1918.html

        Here you can find more information:
        https://www.rfc-editor.org/rfc/rfc5771.html

        Netgate 6100 & Netgate 2100

        • w0w @NOCling

          @NOCling
          Maybe I misunderstood the question, but this is exactly what he's talking about. If this IP is not part of RFC1918, then why is it being blocked by the rule for RFC1918?

          • keyser Rebel Alliance @CatSpecial202

            @CatSpecial202 The traffic is not being blocked because it is considered part of the RFC1918 space. Your rule is not a block rule, but rather a PASS rule (!RFC1918).
            The traffic is blocked by your rule though - but that's because the IGMP multicast packets that were intended to be passed by the rule have IP options enabled that the default IP options filtering in the rule denies. Hence it blocks the traffic. Search for "IGMP filtering blocks traffic" on this forum to understand the problem and configure your rule accordingly.

            E.g. this thread: https://forum.netgate.com/topic/187896/how-to-stop-logging-blocked-lan-igmp

            Love the no fuss of using the official appliances :-)
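
The behaviour described in the reply above, as an added example that is not part of the original thread and is not pf or pfSense code: a simplified Python model of a pass rule with destination !RFC1918 that still drops a packet carrying IP options unless options are allowed on the rule. The function names, the source address 192.168.1.50 and the constructed header are assumptions, as is the choice of the Router Alert option as the IP option on the IGMP packet.

```python
import ipaddress
import struct

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_ipv4(header: bytes) -> dict:
    """Extract the fields the rule decision depends on."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = header[0] >> 4, header[0] & 0x0F
    if version != 4 or ihl < 5 or len(header) < ihl * 4:
        raise ValueError("not a valid IPv4 header")
    return {
        "proto": header[9],
        "dst": ipaddress.ip_address(header[16:20]),
        "options": header[20:ihl * 4],  # non-empty only when IHL > 5
    }

def evaluate(header: bytes, allow_opts: bool) -> str:
    """Simplified model of a 'pass, destination !RFC1918' rule."""
    pkt = parse_ipv4(header)
    if any(pkt["dst"] in net for net in RFC1918):
        return "no match"            # destination is RFC1918: rule does not apply
    if pkt["options"] and not allow_opts:
        return "block (IP options)"  # matched the pass rule, dropped for its options
    return "pass"

def build_header(dst: str, options: bytes = b"") -> bytes:
    """Constructed sample IPv4 header, protocol 2 (IGMP), checksum left at zero."""
    ihl = 5 + len(options) // 4
    src = ipaddress.ip_address("192.168.1.50").packed  # assumed LAN host
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0xC0, ihl * 4 + 8,
                        0, 0, 1, 2, 0, src, ipaddress.ip_address(dst).packed)
    return fixed + options

ROUTER_ALERT = bytes([0x94, 0x04, 0x00, 0x00])  # RFC 2113 Router Alert option
IGMP_REPORT = build_header("224.0.0.22", ROUTER_ALERT)  # constructed sample

if __name__ == "__main__":
    for allow in (False, True):
        print(f"allow_opts={allow}:", evaluate(IGMP_REPORT, allow))
```

With `allow_opts=False` the multicast packet matches the rule (224.0.0.22 is outside RFC1918) and is still dropped, which is why the log attributes the block to the pass rule.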

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.