Ubuntu
ipmasq package

Default configuration logs IGMP packets

Bug #34663 reported by dierre on 2006-03-12

6

Affects		Status	Importance	Assigned to	Milestone
	ipmasq (Ubuntu)	Fix Released	Medium	MOTU Reviewers Team

Bug Description

My ISP supports multicasting, so their routers periodically send me IGMP packets.

The default configuration of ipmasq causes these packets to be blocked and logged, therefore cluttering log files and making them bigger and less readable.

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-03-17:

#1

I don't see this as an ipmasq bug. My computers are in a highly loaded multicast environment and they are not flooded at all.

Either your ISP router is over-verbose about multicast or you route multicast through your gateway. In both cases, I think you should solve this issue by yourself with a custom ipmasq IGMP rule file.

Changed in ipmasq:
assignee:	nobody → jcorbier
status:	Unconfirmed → Needs Info

Revision history for this message

dierre (fdr) wrote on 2006-03-18:

#2

I'm not being flooded, but ipmasq's rules cause every IGMP to be logged as if it were suspicious traffic, while it's evident that it isn't. For instance, here is an excerpt from the logs of the gateway, which runs ipmasq:

Mar 18 14:09:39 homer kernel: [4302151.957000] IN=ppp0 OUT= MAC= SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=14422 PROTO=2
Mar 18 14:10:39 homer kernel: [4302212.007000] IN=ppp0 OUT= MAC= SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=25110 PROTO=2
Mar 18 14:11:39 homer kernel: [4302272.057000] IN=ppp0 OUT= MAC= SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=35664 PROTO=2
Mar 18 14:12:39 homer kernel: [4302332.108000] IN=ppp0 OUT= MAC= SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=46241 PROTO=2
Mar 18 14:13:39 homer kernel: [4302392.244000] IN=ppp0 OUT= MAC= SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=57176 PROTO=2

My suggestion was to put an IGMP rule in ipmasq's default ruleset so that IGMP traffic is dealt with accordingly (either processed or discarded) but not logged, since there is nothing unusual in it.

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-03-23:

#3

My apologies. I misunderstood what the problem is. I am working on it.

Changed in ipmasq:
status:	Needs Info → In Progress

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-03-26: Disable IGMP logging

#4

Disable IGMP logging Edit (1.7 KiB, text/plain)

This patch will disable most of external IGMP packets logging. It is designed for ipmasq-4.0.7 which should be included in Dapper soon since it's a minor release.

Revision history for this message

dierre (fdr) wrote on 2006-03-26:

#5

I've added a .rul file (not .def) with the same content as the patch and it seems to solve the issue with ipmasq-4.0.2 as well.

Thank you for your support.

Jérémie Corbier (jcorbier) on 2006-03-29

Changed in ipmasq:
assignee:	jcorbier → motureviewers

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-05-18: Debdiff

#6

Debdiff Edit (1.7 KiB, text/plain)

The same as the previous one for ipmasq 4.0.8-0.1

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-05-18:

#7

Thanks Gauvain for the upload.

Changed in ipmasq:
status:	In Progress → Fix Committed

Revision history for this message

Jérémie Corbier (jcorbier) wrote on 2006-05-18:

#8

ipmasq (4.0.8-0.1ubuntu1) dapper; urgency=low

* Added ZZYdropigmp.def to prevent IGMP traffic from being logged
(Closes: Malone #34663).

-- Jeremie Corbier <email address hidden> Thu, 18 May 2006 15:49:07 +0200

Changed in ipmasq:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.