On Thu, 25 Mar 1999, Dave G. wrote:

> It appears it might be related to the fact I enabled the multicast
> route (ip addr of 224.0.0.1) and it appears it is an IGMP message
> (PROTO=2). Am I right so far? If so, how do I use ipfwadm to allow
> this protocol in a strict ruleset where everything else should be
> rejected? Or else, how do I set it up to reject but not log these
> hits? I didn't see anything in the man or sources of ipfwadm that
> would allow me to specify this protocol.

You can't, not explicitly. ipfwadm and the 2.0 kernel only recognize
TCP, UDP, ICMP and ALL.

What you can do is, at the end of your firewall file, block TCP, UDP
and ICMP explicitly on the Inet interface. Then add rules to deal with
"other" traffic...

  ipfwadm -I -a deny $INET -P tcp
  ipfwadm -I -a deny $INET -P udp
  ipfwadm -I -a deny $INET -P icmp

then, accept but don't log:

  ipfwadm -I -a accept $INET

accept but log:

  ipfwadm -I -a accept $INET -o

block, don't log:

  ipfwadm -I -a deny $INET

or block and log:

  ipfwadm -I -a deny $INET -o

--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin
PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
In the Lion the Mighty Lion the Zebra sleeps tonight...
Dee de-ee-ee-ee-ee de de de we um umma way!
-----------------------------------------------------------------------
54 days until Star Wars episode I
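
The rule ordering described in the reply above, modelled as a first-match walk over the tail of the input chain. This is an added example, not part of the original message and not ipfwadm code. The interface name "eth0", the default policy and the helper names are assumptions; protocol numbers are the IANA values.

```python
# Added illustration: first-match model of the chain tail from the reply.
# "eth0", the default policy and all names here are assumptions.
from typing import NamedTuple, Optional

PROTO = {"icmp": 1, "igmp": 2, "tcp": 6, "udp": 17}  # IANA protocol numbers

class Rule(NamedTuple):
    action: str               # "accept" or "deny"
    iface: str                # interface the rule is bound to
    proto: Optional[str]      # None models a rule with no protocol (all)
    log: bool = False         # models the -o (log) option

class Packet(NamedTuple):
    iface: str
    proto: int

def build_chain(iface, other_action, log_other):
    """Three explicit denies, then one catch-all for everything left over."""
    chain = [Rule("deny", iface, p) for p in ("tcp", "udp", "icmp")]
    chain.append(Rule(other_action, iface, None, log_other))
    return chain

def evaluate(chain, pkt, default="deny"):
    """Return (action, logged, rule_index) for the first matching rule."""
    for idx, rule in enumerate(chain):
        if rule.iface != pkt.iface:
            continue
        if rule.proto is not None and PROTO[rule.proto] != pkt.proto:
            continue
        return rule.action, rule.log, idx
    return default, False, None   # no rule matched: chain policy applies

if __name__ == "__main__":
    chain = build_chain("eth0", "accept", log_other=False)
    for name in ("tcp", "udp", "icmp", "igmp"):
        print(name, evaluate(chain, Packet("eth0", PROTO[name])))
    # Pitfall: a catch-all accept placed before the denies matches
    # TCP, UDP and ICMP as well, so the denies are never reached.
    misordered = chain[-1:] + chain[:-1]
    print("tcp, misordered:", evaluate(misordered, Packet("eth0", PROTO["tcp"])))
```

Because the catch-all has no protocol selector, it is only safe as the last rule for that interface: anything meant to be handled per protocol has to be matched earlier in the file.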
