##tcpdump -e host 224.0.0.1 # #-e will print the link-level header or its mac address both for source and #destination mac address... with this even if the ip address is spoofed, link #level will show where the source coming from... if the mac address is equal #to your gateway router, then your router is capapable to relay igmp message #from outside.. otherwise, the culprit is inside your network topology. #
Here's the output of `tcpdump -e host 224.0.0.1` 08:12:09.519932 eth0 M 0:20:40:83:62:4d 1:0:0:0:0:0 ip 60: 192.168.100.1 > ALL-SYSTEMS.MCAST.NET: igmp query [tos 0xc0] [ttl 1] I've already filed a case in my ISP's abuse department. I just hope they won't be anal about me using Linux, which is not included in their supported operating systems. Thanks, jeff -- -- Jeff Gutierrez Pinoy Ako! May reklamo? Mapua Online! http://www.mapua.org http://www.mapua.com http://www.mapua.net Intertainer, Entertainment On Demand http://www.intertainer.tv _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
