Netgate Discussion Forum

    (Solved) Unable to stop multicast traffic from being logged

    19 Posts 4 Posters 16.6k Views
      doktornotor Banned

      Well, leave it alone until you have figured it out. The above instructions are more than sufficient, provided some basic understanding of the firewall.

        Mr. Jingles

        @doktornotor:

        Well, leave it alone until you have figured it out. The above instructions are more than sufficient, provided some basic understanding of the firewall.

        ???

        Well, thank you.

        Perhaps somebody else would be willing to give an explanation that will actually help me get further.

        The above instructions are more than sufficient

        Classic communication theory has a lot to say about that.

        Actually, I don't understand your response; why bother?

        6 and a half billion people know that they are stupid, aggressive, lower life forms.

          Mr. Jingles

          I am still struggling with this  :P.

          In the shower I was thinking this: suppose I add these multicast IPs to an alias, and then create a floating rule (without logging) to allow connections from LAN to that alias, would that be safe - and wise? It seems to work, but I don't know if by doing so I am breaching security ( ???)

          Thank you in advance for any replies  ;D

            doktornotor Banned

            @Hollander:

            It seems to work, but I don't know if by doing so I am breaching security ( ???)

            No, you are breaching functionality in the first place… by blocking (potentially) legit traffic on your LAN interface(s).

              mr_bobo

              The IGMP messages I was receiving were due to my Netgear router/modem.

              It's been so long ago I don't remember exactly what the setting was, but it was an option in the Netgear management console you could check or uncheck. Once I turned it off the broadcast messages stopped. I was able to recheck the Block Private Networks box on the WAN interface and haven't had any trouble out of it since.

              In fact, I never have any trouble out of my pfSense box.

                Mr. Jingles

                Ok, it appears I didn't watch too good. This thread is about WAN, but my logs are filled with this kind of traffic on LAN. It originates from my desktops, that appear to be doing some SSDP-discoveries. This seems legitimate, so I thought: I will create a rule allowing this, and move it to the top of the LAN-rules.

                So: UDP, source: LAN net, destination 224.0.0.0/4, pass.

                This works for about an hour or so (no more messages in my logs), and then suddenly the rule has moved to the bottom of the list  ???

                Why doesn't the rule stay in place? Is this a bug, or a feature?

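Before adding a non-logging pass rule like the one described in the post above, it helps to see which hosts, protocols and ports actually produce the blocked multicast entries. The following is an added example, not code from any poster in this thread: a Python script that tallies blocked entries whose destination falls in 224.0.0.0/4. The sample log lines, interface names, addresses and tracker IDs are constructed, and the field positions assume pfSense's raw filterlog CSV layout for IPv4.

```python
import ipaddress
from collections import Counter

MULTICAST = ipaddress.ip_network("224.0.0.0/4")  # destination used in the post's rule

# Constructed sample lines (hosts, interfaces and tracker IDs are made up).
SAMPLE = """\
Jan  1 10:00:01 fw filterlog[1234]: 5,,,1000000103,em1,match,block,in,4,0x0,,1,4660,0,none,17,udp,129,192.168.1.20,239.255.255.250,54321,1900,101
Jan  1 10:00:02 fw filterlog[1234]: 5,,,1000000103,em1,match,block,in,4,0x0,,1,4661,0,none,17,udp,129,192.168.1.20,239.255.255.250,54321,1900,101
Jan  1 10:00:03 fw filterlog[1234]: 5,,,1000000103,em1,match,block,in,4,0x0,,1,4662,0,none,17,udp,129,192.168.1.21,239.255.255.250,50000,1900,101
Jan  1 10:00:04 fw filterlog[1234]: 5,,,1000000103,em1,match,block,in,4,0xc0,,1,0,0,DF,2,igmp,32,192.168.1.1,224.0.0.1,datalength=8
Jan  1 10:00:05 fw filterlog[1234]: 9,,,1000000104,em0,match,block,in,4,0x0,,52,4663,0,DF,6,tcp,60,198.51.100.7,203.0.113.5,40000,23,0,S,123456789,,64240,,mss
"""

def parse(line):
    """Return a dict for one IPv4 filterlog entry, or None if it does not parse."""
    payload = line.split("]: ", 1)[-1]          # drop the syslog prefix if present
    f = payload.strip().split(",")
    if len(f) < 20 or f[8] != "4":              # field 8 is the IP version
        return None
    has_ports = f[16] in ("tcp", "udp") and len(f) >= 22
    return {"iface": f[4], "action": f[6], "proto": f[16],
            "src": f[18], "dst": f[19],
            "dport": f[21] if has_ports else "-"}  # IGMP and similar carry no ports

def multicast_summary(text, iface=None):
    """Count blocked entries to 224.0.0.0/4 by (src, dst, proto, dport)."""
    counts = Counter()
    for line in text.splitlines():
        e = parse(line)
        if e is None or e["action"] != "block":
            continue
        if iface and e["iface"] != iface:
            continue
        try:
            dst = ipaddress.ip_address(e["dst"])
        except ValueError:
            continue
        if dst in MULTICAST:
            counts[(e["src"], e["dst"], e["proto"], e["dport"])] += 1
    return counts

if __name__ == "__main__":
    for key, n in multicast_summary(SAMPLE, iface="em1").most_common():
        print(n, *key)
```

In the constructed sample the summary contains an `igmp` row next to the SSDP rows; a pass rule limited to UDP, like the one in the post, would not match that row.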
                  Mr. Jingles

                  Now I am starting to get ex-tre-me-ly frustrated ( :'( :'( :'().

                  I also disabled 'block bogon' on LAN, and again, the rule stays in place for one hour, then drops to the bottom of the list and my logs are spammed with the useless lines again.

                  003.jpg

                    Mr. Jingles

                    Literally hundreds and hundreds of lines of only this pic.

                    004.jpg

                      doktornotor Banned

                      @Hollander:

                      I also disabled 'block bogon' on LAN, and again, the rule stays in place for one hour, then drops to the bottom of the list and my logs are spammed with the useless lines again.

                      Make all of those pfBlocker rules "alias only" in list action, you can order those as you wish.

                        Mr. Jingles

                        @doktornotor:

                        @Hollander:

                        I also disabled 'block bogon' on LAN, and again, the rule stays in place for one hour, then drops to the bottom of the list and my logs are spammed with the useless lines again.

                        Make all of those pfBlocker rules "alias only" in list action, you can order those as you wish.

                        Thank you very, very, much, dok; I have had that running for 12 hours now, and it appears all these stupid log messages are now, finally, gone. Again: thank you  :P

                          doktornotor Banned

                          You are welcome ;)

                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.