Doug Sampson wrote:
Proto 2 is IGMP. Note that with ipchains you can also use numeric protocol numbers anywhere you'd type the actual protocol, and that some protocols (like igmp) don't use port numbers, so you can leave the dstport variable empty in SILENT_DENY.What protocol does PROTO=2 refer to?Example: Dec 4 16:23:40 CX269409-C kernel: Packet log: input DENY eth0 PROTO=2 192.168.100.1:65535 224.0.0.1:65535 L=28 S=0xC0 I=0 F=0x0000 T=1 (#12)
In your case, you can use either:
SILENT_DENY="2_192.168.100.1"
or
SILENT_DENY="igmp_192.168.100.1"
FYI: The destination address of 224.0.0.1 is a multicast address which means "all local multicast hosts, including routers", which is why you're recieving the traffic in the first place.
--
Charles Steinkuehler
[EMAIL PROTECTED]
-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET comprehensive development tool, built to increase your productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
