I've a problem about streaming multicast via VLC Player (RTP) over sophos.
My topology looks like :
Server Stream (172.16.11.123, 239.1.1.1) - Sophos 1 XG210(172.16.11.1, 172.16.1.1) - Sophos 2 XG210 (172.16.1.2, 172.16.12.1) - Client (172.16.12.123)
I use multicast forward + static routing on each sophos, while i stream a video all multicast package dropped by rule_id 0 (local_acl).
heres the dropped log
2017-05-04 08:47:03 0103021 IP 172.16.11.123.53246 > 239.1.1.1.5004 : proto UDP: packet len: 1336 checksum : 60166
0x0000: 4500 054c 94ff 4000 0111 3714 ac10 0c7b E..L..@...7....{
0x0010: ef01 0101 cffe 138c 0538 eb06 80a1 4661 .........8....Fa
0x0020: 356f 3c0a 973a 7f7d 4700 441d 23ab 9b97 5o<..:.}G.D.#...
0x0030: f41b c6f2 d421 1677 c101 1853 8374 7719 .....!.w...S.tw.
0x0040: 2599 946b 3744 3562 3f91 8d0e d428 4ec6 %..k7D5b?....(N.
0x0050: 4a96 35a4 6c11 070a 429f 0812 c391 ce15 J.5.l...B.......
0x0060: a902 34a2 6ae8 b71b 9239 50f3 05a5 6b63 ..4.j....9P...kc
0x0070: 10da ee85 896b 17c6 15d7 56db af21 6f25 .....k....V..!o%
0x0080: 2dc7 49a4 8520 021d a72b 6e36 c738 db66 -.I......+n6.8.f
0x0090: dbd5 9238 7910 2d54 cd81 90ac c256 93eb ...8y.-T.....V..
0x00a0: 74ac 558c ac45 260f e0d7 bda9 736c c550 t.U..E&.....sl.P
0x00b0: 9a86 c888 6da2 ca56 d371 034d cb58 dcc8 ....m..V.q.M.X..
0x00c0: a6c4 20e0 65a4 85ac 46b9 9537 7b46 0e8a ....e...F..7{F..
0x00d0: 1224 ba22 a38d 24f9 84e1 d389 ceba abb4 .$."..$.........
0x00e0: 016a 544d 4700 443e 7800 ffff ffff ffff .jTMG.D>x.......
0x00f0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0100: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0110: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0120: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0130: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0140: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0150: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0160: ff8c 6358 db52 8353 6b69 a29b 9508 bdc2 ..cX.R.Ski......
0x0170: decd 1a6a f5ba 45e6 145d 554e 95a8 c645 ...j..E..]UN...E
0x0180: 436a b1aa 0394 1cab 0d05 7b84 1c89 c38d Cj........{.....
0x0190: 57ea 5425 88ea 968c 1af5 e423 4edc a800 W.T%.......#N...
0x01a0: 4740 441f 0000 01c0 01a9 8080 0521 1a01 G@D..........!..
0x01b0: 95d5 fffd 8004 3333 2232 4221 2231 2122 ......33"2B!"1!"
0x01c0: 1124 9241 2012 0900 0000 0000 aaaa a686 .$.A............
0x01d0: a9aa aaab a2cb 38c3 4e38 e38e 44f3 d041 ......8.N8..D..A
0x01e0: 3413 4124 5249 5495 5145 5551 6556 5555 4.A$RIT.QEUQeVUU
0x01f0: 9a5d 7788 3abc 7a78 88d8 2f3a 2d5a 8439 .]w.:.zx../:-Z.9
0x0200: 3610 1d2c 95a3 2138 aa4b 5b3b 39cd 694a 6..,..!8.K[;9.iJ
0x0210: d13b 46c0 90eb 1b6b 5a9c c155 df99 4bea .;F....kZ..U..K.
0x0220: 6d9e b9f6 672d ad21 30f5 4210 6aa6 545a m...g-.!0.B.j.TZ
0x0230: 5371 eae5 7b6c 8b86 42cb ab3d b4dc 53e5 Sq..{l..B..=..S.
0x0240: 3e83 96da 8e73 5a75 a9ae b9c4 d5ce 44cc >....sZu......D.
0x0250: 456a 5111 7aac b952 1896 daae 4740 4538 EjQ.z..R....G@E8
0x0260: 7810 033f e1db fe00 ffff ffff ffff ffff x..?............
0x0270: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0280: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0290: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x02a0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x02b0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x02c0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x02d0: ffff ffff ffff ffff ff00 0001 e000 3980 ..............9.
0x02e0: c00a 311a 032b bf11 1a01 991f 0000 0001 ..1..+..........
0x02f0: 09e0 0000 0001 419b bc49 a841 6c99 4c09 ......A..I.Al.L.
0x0300: bf00 160e 9c83 0f1a 497b 9428 ee35 c4d7 ........I{.(.5..
0x0310: 88e8 421d 7653 3541 4700 4410 7aa7 cf10 ..B.vS5AG.D.z...
0x0320: e3c5 a57d a093 cdd1 bc38 7545 68b6 7a59 ...}.....8uEh.zY
0x0330: 1b4f 2447 d45a cd53 80f4 b4f8 8043 45de .O$G.Z.S.....CE.
0x0340: f7bb 5b65 39c2 aea8 cd51 240d 5c8b ab8b ..[e9....Q$.\...
0x0350: 6cfc 8c21 25c8 e6bb 5ea5 6c98 a539 a73b l..!%...^.l..9.;
0x0360: 54f6 b4e5 8da6 ad95 6634 816e 5058 55cc T.......f4.nPXU.
0x0370: 2514 25ac be9a 9b30 c9db 4731 a181 2ad5 %.%....0..G1..*.
0x0380: 3b54 ebca c9b2 28d3 9285 60cb 3896 7379 ;T....(...`.8.sy
0x0390: 54d7 817d 9f50 6b14 d6b5 8c61 94a7 8b43 T..}.Pk....a...C
0x03a0: 8523 6476 d949 4528 1087 0a0f e257 ab5d .#dv.IE(.....W.]
0x03b0: cff7 8dad 6843 1666 d62b 5ac5 3158 8f31 ....hC.f.+Z.1X.1
0x03c0: 0f6b 8c92 13ac 74ac 35fd 16c8 5f0d 33eb .k....t.5..._.3.
0x03d0: 35a8 8b56 4700 4431 7800 ffff ffff ffff 5..VG.D1x.......
0x03e0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x03f0: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0400: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0410: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0420: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0430: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0440: ffff ffff ffff ffff ffff ffff ffff ffff ................
0x0450: ffa6 dda7 6baa e621 79b1 114c 86c8 ab45 ....k..!y..L...E
0x0460: a6ef 04eb 4f1b c399 b479 03e6 ed0b 1ba2 ....O....y......
0x0470: 34aa 4a22 b1a8 9cb2 ba64 46a5 a4c3 27aa 4.J".....dF...'.
0x0480: 77d7 2b53 541a 6906 1811 876b 5ad8 dad6 w.+ST.i....kZ...
0x0490: 4740 4412 0000 01c0 01a9 8080 0521 1a01 G@D..........!..
0x04a0: a833 fffd 8004 3333 3244 3322 2122 2222 .3....332D3"!"""
0x04b0: 1124 9249 0090 0000 0000 0000 a9ea aaab .$.I............
0x04c0: b6aa aba6 30b3 5034 d38d 38e3 8e3c f412 ....0.P4..8..<..
0x04d0: 4904 5251 1513 4d35 5451 6517 6155 9559 I.RQ..M5TQe.aU.Y
0x04e0: a545 618a 6622 19c6 6884 e32a 71c7 1447 .Ea.f"..h..*q..G
0x04f0: c35b 2935 cf75 c65a 7071 0997 b9a1 644b .[)5.u.Zpq....dK
0x0500: c6d4 31c6 cc9b a917 5889 56d1 6972 1da0 ..1.....X.V.ir..
0x0510: dd49 2eab a215 9683 d298 4081 98a6 6156 .I........@...aV
0x0520: 33d5 1159 12b6 b504 5b6f ec5c 13e0 ed12 3..Y....[o.\....
0x0530: 91a6 a4a8 8a81 f506 eb52 ab11 6b2f 4e68 .........R..k/Nh
0x0540: cae4 73df 2c9d 4532 5a57 88a5 ..s.,.E2ZW..
Date=2017-05-04 Time=08:47:03 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=0 source_mac=a0:f3:c1:01:ab:ae dest_mac=01:00:5e:01:01:01 l3_protocol=IP source_ip=172.16.11.123 dest_ip=239.1.1.1 l4_protocol=UDP source_port=53246 dest_port=5004 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=3570149824 masterid=0 status=256 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A
can i edit that rule_id 0 firewall to accept any package from/to 5004 port?
and which menu to edit that rule? i was search in web page or console but there no clue about edit that rule_id 0.
in the firewall menu the id of rule started from 1 not 0.
This thread was automatically locked due to age.
