Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IGMPProxy spamming logs with "The source address 192.168.xxx.xxx for group 239.255.xxx.xxx, is not in any valid net for upstream VIF"

    General pfSense Questions
    2
    3
    747
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Andrew453 last edited by

      Hi

      I have IGMPProxy running in order to provide IP TV.

      There's a significant number of messages in the log which take the form:

      "The source address 192.168.xxx.xxx for group 239.255.xxx.xxx, is not in any valid net for upstream VIF"

      The message (I think) is actually correct. The 192.168.xxx.xxx devices are not set top boxes but are other devices which are sending multicast traffic/requests to join a multicast group, which I don't want to be proxied out to the WAN. I've therefore only specified the specific multicast address ranges that the IPTV needs in the IGMPProxy setup. The group specified in the error messages are outside those ranges, which is why I think the message is actually right.

      I've tried creating a firewall rule to block IGMP traffic coming in over the LAN from anything other than the two set top boxes on the network, but I still get the message in the logs.

      I think the message is correct and is not indicative of a problem with the IPTV/IGMPProxy set up (the IPTV works ok) - is there any way to suppress the message please?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • A
        Andrew453 last edited by Andrew453

        Looking further at this, it appears that there is a later IGMPProxy version that suppresses this message. It appears to be in present in the forthcoming pfSense release - though if you're impatient you can install it manually from here: https://beta.pfsense.org/packages/pfSense_master_amd64-pfSense_devel/All/igmpproxy-0.2.1%2C1.txz

        The other thing that's present in this version is a new "whitelist" directive in the config file, which would enable the user to configure igmpproxy to ignore certain multicast groups altogether. I don't know if the whitelisting capability is being built into the GUI but if not it can be added manually using a suitable patch.

        In the meantime, you can also prevent igmpproxy from spamming the system logs by redirecting all it's output to stderr using the -d switch. This doesn't solve the underlying problem (you need the whitelisting function for that), but just hides the messages (indeed any message) from spamming the system log.

        1 Reply Last reply Reply Quote 0
        • P
          ProxyMoron last edited by

          Hi,
          Do you know what the process is for installing this manually?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy