Silencing Multicast Traffic in the Log

Started by chw0, October 21, 2024, 04:36:57 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 21, 2024, 04:36:57 PM
Hi, a entry with proto "pgm" and a static ip address appears every second in the firewall log (see attachment). I can't manage to create a rule that filters this entry. The "src"-IP already has full access.

Can anyone please point me in the right direction? Help :)

edit: OPNsense 23.7.9-amd64
October 21, 2024, 05:02:50 PM #1
That's an experimental protocol, no idea why this particular device would use it:

https://en.wikipedia.org/wiki/Pragmatic_General_Multicast

But why don't you disable logging for that rule?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 21, 2024, 07:05:36 PM #2
Hi Patrick, that's the strange thing. The specified rule (Rule No 189) has nothing to do with multicast and logging is not activated for her either. If i disable this rule, the log entry still appears - but this time with a different rule number.
October 21, 2024, 07:13:58 PM #3
I mean that is a standard "allow all" rule, so of course it also catches multicast destinations. Why do you log hits for your allow rules?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 21, 2024, 07:34:38 PM #4 Last Edit: October 21, 2024, 07:36:16 PM by chw0
I do not have a activated rule, where logging is enabled. That's why I'm at such a loss  ;)

Btw., "Log packets matched from the default pass rules put in the ruleset" in "Settings - Logging" is not enabled
Print
Go Up Pages1
User actions