From: hilton de meillon (hiltond_at_hotpop.com)
To: "'Foundation Linux'" <email@example.com> Date: Thu, 6 Jan 2005 00:04:17 +1000
Thanks a lot Charles and to all who replied. I will try these solutions and
see how I fare.
I really need to touch up my TCP/IP or IGMP/IP skills.
One question -your iptables statement had two entries - one for inbound igmp
one for outbound igmp, the first rule makes sense but the second one throws
me a bit
as it is in the INPUT chain and not the OUTPUT chain - is this just a lack
in my understanding of iptables ?.
From: Foundation Linux [mailto:firstname.lastname@example.org]
Sent: Wednesday, 5 January 2005 6:02 AM
To: hilton de meillon
Subject: Re: CAN-2004-1137
I'm not sure if my other message got thru, so here goes again.
IGMP is an IP datagram like ICMP. It uses the multicast range, Class D, IP
You can drop those packets in iptables without issue.
hilton de meillon wrote:
> I have been doing a bit of research - there are numerous instances of
>iptables scripts containing rules to block IGMP using iptables - am I
>correct in saying that IGMP is on the network layer IP protocol 2 hence
>all the iptables rulesets claiming to block igmp are misinformed ?.
>Is there a igmptables or any other way of selectively blocking IGMP
>using linux ?.