I added logging to the end of my iptables config, but now need to stop logging all the multicast messages being broadcast at work (the point was to notice real security issues). The following rule is accepted, but doesn't suppress anything:

# ignore multicast broadcasts
-A RH-Lokkit-0-50-INPUT -p udp -m pkttype --pkt-type multicast --dport 0:1023 -j REJECT

# reject everything else
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j LOG
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j LOG
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j LOG
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT

Does "--pkt-type multicast" work? Is there an alternative way to ignore IPs with destinations of *.*.*.255?

Thanks in advance for any help,
Tom

--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list
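Added example, not part of the original post: Python that sorts iptables LOG lines by destination MAC, which is the link-layer distinction the pkttype match (unicast, broadcast, multicast) works on, so the logged noise can be identified as multicast or broadcast before a suppression rule is written. The log lines are constructed samples, and the /24 prefix is an assumption taken from the *.*.*.255 pattern in the question.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the kernel's iptables LOG format (not from the post).
SAMPLE_LOG = """\
kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:22:33:44:55:08:00 SRC=192.0.2.17 DST=192.0.2.255 LEN=78 PROTO=UDP SPT=137 DPT=137
kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:22:33:44:58:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 PROTO=UDP SPT=68 DPT=67
kernel: IN=eth0 OUT= MAC=01:00:5e:00:00:09:00:11:22:33:44:66:08:00 SRC=192.0.2.1 DST=224.0.0.9 LEN=52 PROTO=UDP SPT=520 DPT=520
kernel: IN=eth0 OUT= MAC=00:aa:bb:cc:dd:ee:00:11:22:33:44:77:08:00 SRC=198.51.100.9 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40112 DPT=22
"""

FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; value may be empty (OUT=)


def link_type(dst_mac):
    """Classify a frame by destination MAC, as the link layer does."""
    octets = bytes(int(part, 16) for part in dst_mac.split(":"))
    if octets == b"\xff" * 6:
        return "broadcast"
    if octets[0] & 1:  # group bit set: link-layer multicast
        return "multicast"
    return "unicast"


def ip_type(dst, prefixlen=24):
    """Classify by IP destination; prefixlen is an assumed local netmask."""
    addr = ipaddress.ip_address(dst)
    if addr.is_multicast:  # 224.0.0.0/4
        return "multicast"
    net = ipaddress.ip_network(f"{dst}/{prefixlen}", strict=False)
    return "broadcast" if addr == net.broadcast_address else "unicast"


def classify(log_text):
    """Return (DST, DPT, link-layer type, IP-layer type) per LOG line."""
    rows = []
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if "MAC" not in fields or "DST" not in fields:
            continue
        # The MAC= field is destination MAC, source MAC, then EtherType.
        dst_mac = ":".join(fields["MAC"].split(":")[:6])
        rows.append((fields["DST"], fields.get("DPT", ""),
                     link_type(dst_mac), ip_type(fields["DST"])))
    return rows


def summary(log_text):
    """Count log lines per link-layer packet type."""
    return Counter(row[2] for row in classify(log_text))
```

On the sample data the *.*.*.255 and 255.255.255.255 destinations are classified as broadcast, and only the 224.0.0.9 packet is classified as multicast.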