Hi all, I implemented most of the strict firewall ruleset as outlined in David Ranch's Trinity OS document. Everything works great and the system has been up and running for over a week. My Linux box is connected to a Roadrunner cable modem thru eth1 and serves two other machines with the eth0 interface. In any case, the only curiosity is that I get a log entry every 2 minutes that looks like the following: Mar 24 00:07:44 homebase kernel: IP fw-in rej eth1 PROTO=2 24.93.0.234 224.0.0.1 L=28 S=0x00 I=34902 F=0x0000 T=1 It appears it might be related to the fact I enabled the multicast route (ip addr of 224.0.0.1) and it appears it is an IGMP message (PROTO=2). Am I right so far? If so, how do I use ipfwadm to allow this protocol in a strict ruleset where everything else should be rejected? Or else, how do I set it up to reject but not log these hits? I didn't see anything in the man or sources of ipfwadm that would allow me to specify this protocol. Maybe I should just get rid of the multicast route? I was looking forward to learning more about mbone sometime in the future. TIA, Regards, Dave Goodwin _______________________________________________ Masq maillist - [EMAIL PROTECTED] http://tiffany.indyramp.com/mailman/listinfo/masq Admin requests can be handled by web (above) or [EMAIL PROTECTED]
