The pflogs on my firewall and on a new system I'm installing (-current with pretty much a default pf.conf) are flooded with igmp query entries. Neither system has a log rule for such action.
Ex: =================================== rule 1/(match) pass in on em1: 192.168.1.20 > 224.0.0.1: igmp query [ttl 1] =================================== pf.conf: =================================== # $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $ # # See pf.conf(5) and /etc/examples/pf.conf set skip on lo block return # block stateless traffic pass # establish keep-state =================================== Reason? Solution? Thanks!
