On Tue, Oct 27, 2009 at 02:25:03PM +0100, Rene Maroufi wrote: > Hi, > > I have a (bridging) Firewall with OpenBSD 4.6 stable. In /var/log/pflog > I can see many igmp-packets. But I have no "log" statement for these > types of connections in my pf.conf. I have only a log statement for some > other hosts (with a different IP). Are igmp packets always logged?
Addition: my only rule with log is following: # grep log /etc/pf.conf match in log on $iffilter proto tcp from any os windows to any tcpdump -ttt -n -r /var/log/pflog shows lines like: Oct 27 17:19:09.543501 192.168.3.204 > 224.0.0.22: igmp-2 [v2] (DF) [tos 0xc0] [ttl 1] Oct 27 17:19:09.543525 192.168.3.204 > 224.0.0.22: igmp-2 [v2] (DF) [tos 0xc0] [ttl 1] But igmp is not tcp and the host with 192.168.3.204 is a linux host. Regards Rene -- Reni Maroufi i...@maroufi.net
