Add multicast to the Deprecated A_Drop and A_Reject actions

- Move A_Drop to deprecated/ directory Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-11 08:08:12 +01:00 · 2017-03-13 14:18:23 -07:00 · 2017-03-13 14:18:23 -07:00 · 4010f9bce4
commit 4010f9bce4
parent 02bb717d7d
2 changed files with 5 additions and 3 deletions
--- a/Shorewall/Actions/action.A_Drop.deprecated
+++ b/Shorewall/Actions/action.A_Drop.deprecated
@ -31,9 +31,10 @@ Auth(A_DROP)
 #
 A_AllowICMPs	-	-	icmp
 #
-# Don't log broadcasts
+# Don't log broadcasts and multicasts
 #
 dropBcast(audit)
+dropMcast(audit)
 #
 # Drop packets that are in the INVALID state -- these are usually ICMP packets
 # and just confuse people when they appear in the log.
--- a/Shorewall/Actions/action.A_Reject.deprecated
+++ b/Shorewall/Actions/action.A_Reject.deprecated
@ -25,10 +25,11 @@ COUNT
 #
 A_AllowICMPs	-	-	icmp
 #
-# Drop Broadcasts so they don't clutter up the log
-# (broadcasts must *not* be rejected).
+# Drop Broadcasts and multicasts so they don't clutter up the log
+# (these must *not* be rejected).
 #
 dropBcast(audit)
+dropMcast(audit)
 #
 # Drop packets that are in the INVALID state -- these are usually ICMP packets
 # and just confuse people when they appear in the log (these ICMPs cannot be