Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
SuSEfirewall and IGMP filtering
  • From: Eric Swenson <eric@xxxxxxxxxxx>
  • Date: Fri, 27 Jul 2001 11:31:55 -0700 (PDT)
  • Message-id: <200107271831.LAA29467@xxxxxxxxxxxxxxx>
I'm running SuSE 7.2 on a machine with a single ethernet interface to
my LAN where I have a DSL Router (Cayman 3220-H) providing access to
the internet. I wish to protect this machine from internet-based
attacks while allowing inbound http and smtp access.

I believe I have things configured properly enough, but I've been
unable to filter all the IGMP traffic and wonder what it means,
whether I should care, and if I shouldn't, how to get rid of the log
messages. They are of the form:

input DENY eth0 PROTO=2 aaa.bbb.ccc.ddd:65535 239.255.255.250:65535
input DENY eth0 PROTO=2 aaa.bbb.ccc.eee:65535 224.0.0.1:65535

The traffic in the first case comes from one of the Windows machines
on my LAN. The traffic in the second case comes from the DSL Router.

What do these mean? Is this traffic harmless, and if so, how do I
prevent logging of this traffic?

Thanks much. -- Eric

< Previous Next >
Follow Ups