Multicast/SSDP not working (on VLAN interface)
Rozhuk Ivan
rozhuk.im at gmail.com
Tue Mar 20 00:18:01 UTC 2018
On Mon, 19 Mar 2018 16:11:05 -0700 (PDT)
"Rodney W. Grimes" <freebsd-rwg at pdx.rh.CN85.dnsmgr.net> wrote:
> Are you running with "firewall_type="simple""?
> If so it is set to block all 224/4 packets, see this part
> of /etc/rc.firewall:
> # And stop draft-manning-dsua-03.txt (1 May 2000) nets
> (includes RESERVED-1, # DHCP auto-configuration, NET-TEST, MULTICAST
> (class D), and class E) # on the outside interface
> ${fwcmd} table ${BAD_ADDR_TBL} add 0.0.0.0/8
> ${fwcmd} table ${BAD_ADDR_TBL} add 169.254.0.0/16
> ${fwcmd} table ${BAD_ADDR_TBL} add 192.0.2.0/24
> ${fwcmd} table ${BAD_ADDR_TBL} add 224.0.0.0/4
> ${fwcmd} table ${BAD_ADDR_TBL} add 240.0.0.0/4
>
> ${fwcmd} add deny all from any to "table($BAD_ADDR_TBL)" via
> ${oif}
>
> Your route effected this as your packets are no longer trying to
> use an all interfaces path, but a specific interface, and that is
> probably not ${oif} of your firewall.
>
One more fw tip: pf by default drops all IP packets with options, so IGMP does not work.
More information about the freebsd-net
mailing list