Sonic([email protected]) on 2020.01.01 12:33:30 -0500: > The pflogs on my firewall and on a new system I'm installing (-current > with pretty much a default pf.conf) are flooded with igmp query > entries. Neither system has a log rule for such action. > > Ex: > =================================== > rule 1/(match) pass in on em1: 192.168.1.20 > 224.0.0.1: igmp query [ttl 1] > =================================== > > pf.conf: > =================================== > # $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $ > # > # See pf.conf(5) and /etc/examples/pf.conf > > set skip on lo > > block return # block stateless traffic > pass # establish keep-state > =================================== > > Reason? Solution?
show the output of pfctl -si pfctl -sr dmesg
