Charles Steinkuehler wrote:
Regarding silent deny's...you can block the whole
224.0.0.0/4 range (RFC-1112 Class-D multicast) without worry.
That catches IGMP, IGRP, EIGRP, and probably others. As you'd
expect, this is in the same reduce my log noise section of
Michael D. Schleif wrote:
However, how do I silently deny anything from any source that is
destined for 255.255.255.255 ???
Since ATT Broadband moved me to the new network, I am flooded with this
crap:
PROTO=17 12.242.20.50:67 255.255.255.255:68
What do you think?
That's the
Michael:
I'm sure it's possible with SILENT_DENY, I just
don't use it. Charles will be able to provide details,
no doubt.
Here's the relevant portion from the echoWall
rules file. Hope it helps!
-Scott
# -- next, block reserved-address traffic, a-la CIAC alert K-032
# --
Regarding silent deny's...you can block the whole
224.0.0.0/4 range (RFC-1112 Class-D multicast) without worry.
That catches IGMP, IGRP, EIGRP, and probably others. As you'd
expect, this is in the same reduce my log noise section of
echowall.rules.
And, what is the best way
Did you have any problems getting the wanpipe to run. I cannot access my
S508/FT1 with Dachstein. If I run cfgft1 I get 'Failed to start FT1 driver
for device: wanpipe1!'
I have loaded the latest modules from Sangoma's LRP folder.
Eddie
-Original Message-
From: Michael D. Schleif
kernel: Packet log: input DENY wan PROTO=88 x.y.z.158:65535
224.0.0.10:65535 L=60 S=0xC0 I=0 F=0x T=2 (#39)
Yes, we know that protocol 88 is EIGRP.
No, Ethernet http://www.echogent.com/cgi-bin/fwlog.pl does not
recognize this.
[1] Does this represent a problem? Or, is this a
Charles, thank you!
Charles Steinkuehler wrote:
kernel: Packet log: input DENY wan PROTO=88 x.y.z.158:65535
224.0.0.10:65535 L=60 S=0xC0 I=0 F=0x T=2 (#39)
Yes, we know that protocol 88 is EIGRP.
No, Ethernet http://www.echogent.com/cgi-bin/fwlog.pl does not
recognize this.
Michael:
Heya. Thanks for the packet log, am updating fwlog.pl
to include an awareness of protocol 88. It knew about regular
IGRP (IP protocol 9) but not this one. :)
Regarding silent deny's...you can block the whole
224.0.0.0/4 range (RFC-1112 Class-D multicast) without worry.
Scott C. Best wrote:
Heya. Thanks for the packet log, am updating fwlog.pl
to include an awareness of protocol 88. It knew about regular
IGRP (IP protocol 9) but not this one. :)
Regarding silent deny's...you can block the whole
224.0.0.0/4 range (RFC-1112 Class-D