I'm getting a ton of multicast-related deny's in my syslogs from the ipmasq rules package, here's a sample:
Oct 18 22:19:47 meatloaf kernel: Packet log: input DENY eth0 PROTO=89
24.129.71.254:65535 224.0.0.5:65535 L=64 S=0xC0 I=24259 F=0x0000 T=1 (#8)
Oct 18 22:19:49 meatloaf kernel: Packet log: input DENY eth0 PROTO=1
24.129.69.30:10 224.0.0.2:0 L=28 S=0x00 I=6400 F=0x0000 T=128 (#8)
Oct 18 22:19:57 meatloaf kernel: Packet log: input DENY eth0 PROTO=89
24.129.71.254:65535 224.0.0.5:65535 L=64 S=0xC0 I=24456 F=0x0000 T=1 (#8)
Oct 18 22:20:07 meatloaf kernel: Packet log: input DENY eth0 PROTO=89
24.129.71.254:65535 224.0.0.5:65535 L=64 S=0xC0 I=24660 F=0x0000 T=1 (#8)
I tried adding
$IPCHAINS -A input -j ACCEPT -i ${i%%:*} -d 224.0.0.0/240.0.0.0 -p ! tcp
to the I30internal.rul set, but that has no affect. I'm really not
sure what i have to do to block these, any help would be
appreciated. Thanks.
-pete
--
(peter.royal|osi)@pobox.com - http://pobox.com/~osi
"god invented turn signals for a reason"
uin#153025
pgpFGSRxd52z8.pgp
Description: PGP signature
