On 2010-02-09, Paolo Supino <paolo.sup...@gmail.com> wrote:
> I've set up a new firewall and I'm getting the following line in PF's
> log ...
>
> Jan 31 08:14:34 XXXXX OPF: Jan 31 15:17:40.495167 rule def/(ip-option)
> pass in on em3: 172.16.1.59 > 224.0.0.22: igmp-2 [v2] (DF) [tos 0xc0]
> [ttl 1]
>
> What does def/(ip-option) mean and why does it get passed? I don't have
> any rules passing multicast traffic and in sysctl(8) multicast
> forwarding is disabled:

Looks like you don't have a block rule for that traffic. The default is to pass traffic without keeping state. If that's not enough of a clue, post your ruleset.