"Scott C. Best" wrote: > > Heya. Thanks for the packet log, am updating fwlog.pl > to include an awareness of protocol 88. It knew about regular > IGRP (IP protocol 9) but not this one. :) > > Regarding silent deny's...you can block the whole > 224.0.0.0/4 range (RFC-1112 Class-D multicast) without worry. > That catches IGMP, IGRP, EIGRP, and probably others. As you'd > expect, this is in the same "reduce my log noise" section of > echowall.rules.
And, what is the best way to do this? Charles, is this possible with SILENT_DENY? Or, need we implement a special ipchains rule in /etc/ipchains.input ??? What do you think? > > We just connected Dachstein-CD to a T-1 via Sangoma panpipe pci card. > > > > We are receiving a plethora of these: > > > > kernel: Packet log: input DENY wan PROTO=88 x.y.z.158:65535 > > 224.0.0.10:65535 L=60 S=0xC0 I=0 F=0x0000 T=2 (#39) > > > > Yes, we know that protocol 88 is EIGRP. > > > > No, Ethernet <http://www.echogent.com/cgi-bin/fwlog.pl> does not > > recognize this. > > > > [1] Does this represent a problem? Or, is this a candidate for Silent > > Deny? > > > > [2] Dachstein Silent Deny handles *only* icmp, tcp and udp. What is the > > best way to Silent Deny these? > > > > What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
