On Thu, Feb 23, 2023, at 2:22 AM, Luca Di Gregorio wrote: > Synopsis: PF still blocks IGMP multicast control packets > Category: system > Environment: > System : OpenBSD 7.2 > Details : OpenBSD 7.2 (GENERIC) #6: Sat Jan 21 01:01:28 MST 2023 > [email protected]: > /usr/src/sys/arch/amd64/compile/GENERIC > > Architecture: OpenBSD.amd64 > Machine : amd64 > > Description: > In https://www.openbsd.org/plus72.html it is stated that: > "Changed pf(4) handling of IGMP and ICMP6 MLD packets to allow multicast > control > packets to work by default." > But, with PF enabled, igmp dvmrp Prune messages between two mrouted's are > still blocked.
If it's helpful, here are the discussion threads on the topic: https://marc.info/?t=165056102400001 https://marc.info/?t=165064941500001 https://marc.info/?t=165152723000003 https://marc.info/?t=165153057300001 And the commits: https://marc.info/?l=openbsd-cvs&m=165122269521134&w=2 https://marc.info/?l=openbsd-cvs&m=165158473312045&w=2 I can't speak to which option/packet combinations are blocked and which are not, I was just happy to no longer need extra rules to quiet the (option) logging. Brian Conway
