[Firehol-support] How to permit RIP Protocol Multicast from FIREWALL with FireHOL

Costa Tsaousis costa at tsaousis.gr
Tue Aug 9 23:47:12 BST 2005


Hi,

FireHOL logs the packets with: OUT-unknown
This means that no interface has been defined to match the traffic.
Try adding an interface with the correct src/dst parameters and add the
multicast service to it.

Regards,

Costa


On Wed, August 3, 2005 21:51, Rèmy Arthur de Abreu Pestana said:
> Hi,
>
>  I have FireHol running with RIP protocol in this machine that needs to
> exchange route information to some windows machines (RIP packets using
> multicast from firewall/Router to internal subnets).  FireHol seems to be
> blocking the packets from being received in the client machines.
> I have tried unsuccessfully to allow the packets by placing the following
> commands in the LAN interface sections of firehol config in the
> firewall/router machine:
>
> server multicast accept
> client multicast accept
>
> What's the correct approach?
> Any suggestions/ideas?
>
> Thanks.
> Sorry about my English!!!
>
> PS: There's my Actual FireHol Logs about RIP:
> Aug  3 15:23:55 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2
> DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520
> DPT=520 LEN=72
> Aug  3 15:24:19 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2
> DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520
> DPT=520 LEN=72
> Aug  3 15:24:43 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2
> DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520
> DPT=520 LEN=72
> Aug  3 15:25:19 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2
> DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520
> DPT=520 LEN=72
> Aug  3 15:26:58 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2
> DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520
> DPT=520 LEN=72
>
> There are other messages in console logs about RIP:
> OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.1 DF PROTO=ICMP
> TYPE=8
> OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.22 DF PROTO=2
> OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.251 DF PROTO=UDP
> SPT=5353
> OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.9 DF PROTO=UDP
> SPT=520
>
>
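
To see which src/dst an interface definition has to cover, the *-unknown lines can be grouped by flow. This is an added example, not part of the original thread and not FireHOL code; the sample log is constructed in the format of the lines quoted above, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the format of the kernel log lines quoted in the thread
# (wrapped lines rejoined). The last line is a matched packet and must be ignored.
SAMPLE_LOG = """\
Aug  3 15:23:55 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520 DPT=520 LEN=72
Aug  3 15:24:19 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.9 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=520 DPT=520 LEN=72
Aug  3 15:24:20 fw-sr004 kernel: OUT-unknown:IN= OUT=eth0 SRC=192.168.4.2 DST=224.0.0.22 LEN=40 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
Aug  3 15:24:21 fw-sr004 kernel: IN-lan:IN=eth0 OUT= SRC=192.168.4.7 DST=192.168.4.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=40000 DPT=22
"""

UNKNOWN = re.compile(r"kernel: (\w+)-unknown:")  # direction prefix, e.g. OUT-unknown
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")           # KEY=value pairs; bare flags (DF) are skipped


def unmatched_flows(log_text):
    """Count distinct flows logged as <direction>-unknown (no interface matched)."""
    flows = Counter()
    for line in log_text.splitlines():
        m = UNKNOWN.search(line)
        if not m:
            continue
        f = dict(FIELD.findall(line))  # the second LEN= overwrites the first; LEN is unused
        if "SRC" not in f or "DST" not in f:
            continue  # truncated line, nothing to group on
        key = (m.group(1), f.get("IN", ""), f.get("OUT", ""),
               f["SRC"], f["DST"], f.get("PROTO", "-"), f.get("DPT", "-"))
        flows[key] += 1
    return flows


def summarize(log_text):
    """Return (direction, in_if, out_if, src, dst, proto, dport, is_multicast, count),
    most frequent flow first."""
    rows = []
    for key, count in unmatched_flows(log_text).most_common():
        dst_is_multicast = ipaddress.ip_address(key[4]).is_multicast
        rows.append(key + (dst_is_multicast, count))
    return rows


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

Each row names the interface, source and destination that no interface definition covered; a destination flagged as multicast (here 224.0.0.9 on UDP port 520) is outside a LAN-subnet-only src/dst match.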




