I recently got accused by my ISP for disturbing traffic in our residential network. Obviously my port in the house switch was generating massive amounts of multicast traffic or atleast replying to incoming traffic.
My firewall was running OpenBSD 4.1 and had the net.inet.ip.mforwarding set, had tried it sometime because I couldnt watch a video stream on my workstation and believed it would be necessary, and subsequently left it on. The multicast storms in the network have now been resolved and had obviously also come from users with some specific brand wifi routers. Now I am wondering, could this setting have caused my firewall to reply to or relay incoming multicast traffic? I have not noticed any extra traffic on my internal network, nor have I used and applications that would make use of multicast. Practically only Linux in use on the intranet so viruses can be ruled out (have also scanned with ClamAV). Have gone through logs/settings on the firewall too but can not see any indication of a compromise.
