Thanks Lonnie It does work for the IGMP packets. What should I put in for the Netbios packets?
Regards Michael Knill -----Original Message----- From: Lonnie Abelbeck <li...@lonnie.abelbeck.com> Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> Date: Wednesday, 24 August 2016 at 10:33 AM To: AstLinux List <astlinux-users@lists.sourceforge.net> Subject: Re: [Astlinux-users] Arno firewall logs Michael, You must have also defined MODEM_IF_IP and/or MODEM_IP, if you only define MODEM_IF="eth0" then there should not be any logging but does allow those packets, not ideal. There really should be a logging option for this plugin, Arno last modified it 5 years ago. Try what Michael Keuter suggested and not enable the dsl-ppp-modem and add the custom_rules tweak(s) he posted. Lonnie On Aug 23, 2016, at 5:18 PM, Michael Knill <michael.kn...@ipcsolutions.com.au> wrote: > Hi Lonnie > > Ok so I configured up the dsl-ppp-modem plugin and as Michael mentioned, it > still logs the following IGMP and Netbios packets: > > Aug 24 08:12:18 4010-Breeze_HO-CM1 user.info kernel: AIF:Dropped MODEM > packet: IN=eth0 OUT= MAC=01:00:5e:00:00:01:18:a6:f7:c7:3a:2c:08:00 > SRC=172.30.254.2 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2 > Aug 24 08:16:05 4010-Breeze_HO-CM1 user.info kernel: AIF:Dropped MODEM > packet: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:18:a6:f7:c7:3a:2c:08:00 > SRC=172.30.254.2 DST=172.30.254.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF > PROTO=UDP SPT=138 DPT=138 LEN=221 > > It does say Dropped MODEM packet rather than Dropped INPUT packet though so > it did something. > All log denied entries are unchecked. > > Regards > Michael Knill > > -----Original Message----- > From: Lonnie Abelbeck <li...@lonnie.abelbeck.com> > Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> > Date: Tuesday, 23 August 2016 at 11:25 PM > To: AstLinux List <astlinux-users@lists.sourceforge.net> > Subject: Re: [Astlinux-users] Arno firewall logs > > Hi Michael, > > There is a firewall plugin for that, "dsl-ppp-modem": > https://doc.astlinux.org/userdoc:tt_firewall_plugins#dsl-ppp-modem > > That plugin only adds firewall rules, no routes or IP address. It seems > defining MODEM_IF to the PPPoE external interface is the only required > setting. > > Also check your Firewall sub-tab and uncheck all the "Log Denied ..." entries > to minimize logging. > > Lonnie > > > On Aug 23, 2016, at 6:46 AM, Michael Knill > <michael.kn...@ipcsolutions.com.au> wrote: > >> Hi group >> >> Unfortunately Im not that good on the firewall config. >> I have an external PPPoE modem on eth0 which I access via an IP Address >> configured in rc.elocal. >> Unfortunately I have recently installed a VDSL2 modem that's trying to be >> cleverer than I want it to be and it is filling up my logs with firewall >> denies from broadcast and multicast traffic: >> >> Is there any way I can stop logging on this interface? >> >> Regards >> Michael Knill >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Astlinux-users mailing list >> Astlinux-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to >> pay...@krisk.org. >> >> > > > ------------------------------------------------------------------------------ > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > > ------------------------------------------------------------------------------ > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org. ------------------------------------------------------------------------------ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
