Thanks for the fast answer.
Yes, that helps, but it suppresses all kinds of notifications for incoming packets.
I am searching for an option to define a firewall rule and turn off logging for this special kind of packets. I have done this with lots of other types of packets and it is running fine. But with multicast packets, I found no solution.
I tried to create rules which should target this kind of packets (All / All / Dest 188.8.131.52 / All). But nothing worked.
Sorry, I thought I'm not the first one who ran into this kind of problem and I just can't see the forest for the trees.
Thank you anyway!
Yeah, same version. I misunderstood, so your multicast is dropped but it always logs it? Mine doesn't drop and it doesn't log.
The multicast address you've shown is for IGMP membership queries; they would be produced by the IGMP querier or snooping device on the network. It should send packets out every 180 seconds or somewhere near. Do you need to turn it down?
Oh well, I completely overlooked the “DROP_INPUT” snippet in the screenshots provided.
May I ask you to edit the firewall rule once more, and set its destination to “firewall”, and then choose IPFire’s RED interface?
The reason for this is the underlying behaviour of iptables: rules having the multicast range set as their destination are placed into the FORWARD chain. However, since IPFire interprets these as being incoming connections, they actually hit the INPUT chain. This is why the rule I proposed in the first place never triggered, and you folks continued to observe these log entries.
Sorry about this. Will have a cup of coffee first next time.
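An added example (not from the thread and not IPFire code): since the post above explains that these packets are logged under the INPUT chain's prefix, this script groups `DROP_INPUT` entries with a multicast or broadcast destination by the fields a no-log drop rule would have to match, and leaves unicast drops alone. The log lines, interface names and addresses are constructed, and the layout assumes the standard kernel netfilter LOG format.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines (kernel netfilter LOG layout); all addresses are illustrative.
SAMPLE_LOG = """\
kernel: DROP_INPUT IN=red0 OUT= MAC=01:00:5e:00:00:01 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
kernel: DROP_INPUT IN=red0 OUT= MAC=ff:ff:ff:ff:ff:ff SRC=192.168.178.1 DST=255.255.255.255 LEN=173 TTL=64 PROTO=UDP SPT=53805 DPT=53805
kernel: DROP_INPUT IN=red0 OUT= MAC=01:00:5e:00:00:01 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TTL=1 PROTO=2
kernel: DROP_INPUT IN=red0 OUT= MAC=aa:bb SRC=203.0.113.7 DST=192.168.178.2 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=23
kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=10.0.0.5 DST=198.51.100.9 LEN=60 TTL=63 PROTO=TCP SPT=50000 DPT=25
"""

FIELD = re.compile(r"(\w+)=(\S*)")      # KEY=value pairs; value may be empty (OUT=)
PREFIX = re.compile(r"\b(DROP_\w+)\s")  # log prefix naming the chain that dropped


def parse_line(line):
    """Return (prefix, fields) for a netfilter log line, or None if it has no prefix."""
    m = PREFIX.search(line)
    if not m:
        return None
    return m.group(1), dict(FIELD.findall(line))


def dest_kind(dst):
    """Classify a destination as multicast, limited broadcast, or unicast."""
    ip = ipaddress.ip_address(dst)
    if ip.is_multicast:
        return "multicast"
    if str(ip) == "255.255.255.255":
        return "broadcast"
    return "unicast"


def noise_candidates(log_text, prefix="DROP_INPUT"):
    """Count multicast/broadcast drops under `prefix`, keyed by rule-relevant fields."""
    counts = Counter()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if not parsed or parsed[0] != prefix:
            continue
        f = parsed[1]
        kind = dest_kind(f["DST"])
        if kind == "unicast":
            continue  # genuine dropped traffic: keep logging it
        counts[(f["IN"], f["SRC"], f["DST"], f["PROTO"], f.get("DPT", "-"), kind)] += 1
    return counts


if __name__ == "__main__":
    for key, n in noise_candidates(SAMPLE_LOG).most_common():
        print(n, *key)
```
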
Good morning everyone.
I put IPFire immediately behind my router (a Fritzbox 7590). From the firewall logs, however, I see that the FritzBox continues to query IPFire to discover devices for the mesh network on IPs 184.108.40.206 and 255.255.255.255.
These attempts are logged by IPFire but I don’t care (only these, of course). How can I create a firewall rule that drops the FritzBox connections to the aforementioned addresses and does not log them?
Trying to better explain my request: my aim is to hide these annoying firewall log lines (see image) by inserting a rule on the firewall that drops the two communications (IGMP and UDP 53805) but at the same time does not log them.
I think your link mentioned takes us back to the top of this thread.
I have also been trying forever to drop multicasts without adding a log entry.
Turning off the logging via firewall options also disables logging of any actual dropped traffic. It would be nice to have an option in the firewall options to simply drop multicasts without logging.