[Shorewall-users] Multicast Blocking

Tom Eastep teastep@shorewall.net
Wed, 23 Jan 2002 17:35:05 -0800


On Wednesday 23 January 2002 05:14 pm, Larry Platzek wrote:
> My ISP is sending out a multicast message every 30 seconds.
> I would like to block all multicasts in or out of my network.
> On multicasts into my Leaf 2.4.11 system from anywhere on the internet
> I would like deny that it ever was sent.

Shorewall does that by default.

> On multicast from within my network I would like to report the
> error and put into log file.
>

Be sure that your kernel doesn't include multicast routing. Then:

REJECT:info	loc	fw:224.0.0.0/4	all

> Would anyone care to tell me what to tell PPPd to have multicast
> not affect the idle timeout?

No clue...

-Tom
-- 
Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net