Skip to main content

Beste allemaal,

 

Ik heb sinds enkele dagen Glasvezel van KPN. Ik kom van Ziggo met het modem in bridge, maar dit kan bij KPN dus niet zo eenvoudig. In mijn mikrotik heb ik de configuratie gedaan zoals ik op meerdere plaatsen op dit forum lees en ook op netwerkje.com te vinden is.

Na enige pijn en moeite heb ik het internet en de ITV werkend gekregen. Helaas heb ik, wanneer ik 1 stream blijf kijken, iedere ~4:25 minuten een storing. Dus als ik binnen de 4 minuten wissel naar een andere zender doet de storing zich niet voor.

Deze storing wisselt elkaar om-en-om af:

  1. op de ITV: ‘stb-nmc-400’, of
  2. alleen een korte onderbreking van ~3-5 seconden

Ik heb dit een tijdje getimed door continue 1 zender te kijken

timing minuten storing oplossing
1 04:42.16 even een hapering even wachten
2 04:26.99 stb-nmc-400 zender wisselen
3 04:26.57 even een hapering even wachten
4 04:35.07 stb-nmc-400 zender wisselen
5 04:27.03 even een hapering even wachten
6 04:29.62 stb-nmc-400 zender wisselen

 

Dit issue doet zich voor op beide decoders (Arris VIP5202) en beide decoders zitten achter een switch op verschillende poorten op mijn router. (Ether2 en Ether3)

Op de experiabox (v12) werkte de decoders beide prima, ook via de switches.

 

Vraag:

Kan iemand zien of er iets in mijn configuratie niet correct is? De timing van de storing kan ik nergens terug vinden maar doet me wel vermoeden dat er een aanwijsbare oorzaak/instelling is danwel zou moeten zijn

 

# mar/10/2022 12:03:39 by RouterOS 7.1
# software id = FKSN-PHQM
#
# model = 960PGS
# serial number = ---------------
/interface bridge
add admin-mac=CC:2D:E0:7B:3A:1D arp=proxy-arp auto-mac=no comment=defconf \
    igmp-snooping=yes name=bridge-LAN protocol-mode=none
/interface ethernet
set r find default-name=ether1 ] loop-protect=off name=\
    "ether1-Internet Acces" speed=100Mbps
set r find default-name=ether2 ] comment=\
    "Aansluiting in de woonkamer t.b.v. televisiemeubel" name=\
    ether2-Multimedia poe-out=off speed=100Mbps
set r find default-name=ether3 ] comment="Switch in meterkast met alle BHI" \
    name="ether3-PoE Switch" poe-out=off speed=100Mbps
set r find default-name=ether4 ] comment=\
    "Switch in de hal met de NAS/RPI/BLUEIRIS" name=ether4-IoT poe-out=off \
    speed=100Mbps
set r find default-name=ether5 ] disabled=yes poe-out=off speed=100Mbps
set r find default-name=sfp1 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full disabled=yes
/interface vlan
add comment="KPN: https://netwerkje.com/routed-iptv VLAN4" interface=\
    "ether1-Internet Acces" loop-protect=off name=vlan1.4 vlan-id=4
add comment="KPN: https://netwerkje.com/config-internetv6 VLAN6" interface=\
    "ether1-Internet Acces" loop-protect=off mtu=1520 name=vlan1.6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap comment="Voor KPN ipv6 internet access" \
    disabled=no interface=vlan1.6 keepalive-timeout=20 max-mtu=1500 name=\
    pppoe-client user=1234@provider
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set r find default=yes ] ip-type=ipv4
/interface wireless security-profiles
set r find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
add code=28 name=option28-broadcast value="'10.255.255.255'"
/ip dhcp-server option sets
add name=IPTV options=option60-vendorclass,option28-broadcast
/ip pool
add name=dhcp ranges=10.0.1.100-10.0.1.254
/ip dhcp-server
add address-pool=dhcp interface=bridge-LAN lease-time=1d name=dhcp-thuis
/ppp profile
set *0 only-one=yes use-compression=yes use-ipv6=no use-upnp=no
add name=default-ipv6 only-one=yes use-upnp=no
/routing bgp template
set default as=65530 disabled=yes name=default output.network=bgp-networks
/routing ospf instance
add name=default-v2
add name=default-v3 version=3
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
add disabled=yes instance=default-v3 name=backbone-v3
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
    sword,web,sniff,sensitive,api,romon,dude,tikapp,rest-api"
add name=read2 policy="read,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!polic\
    y,!test,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp,!res\
    t-api"
/interface bridge port
add bridge=bridge-LAN comment=defconf ingress-filtering=no interface=\
    ether2-Multimedia
add bridge=bridge-LAN comment=defconf ingress-filtering=no interface=\
    "ether3-PoE Switch"
add bridge=bridge-LAN comment=defconf ingress-filtering=no interface=\
    ether4-IoT
add bridge=bridge-LAN comment=defconf ingress-filtering=no interface=ether5
add bridge=bridge-LAN comment=defconf ingress-filtering=no interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set max-neighbor-entries=8192
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=bridge-LAN list=LAN
add comment=defconf interface="ether1-Internet Acces" list=WAN
/ip address
add address=10.0.0.1/8 comment=defconf interface=bridge-LAN network=10.0.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf disabled=yes interface="ether1-Internet Acces"
add add-default-route=special-classless comment=\
    "KPN: https://netwerkje.com/config-internetv6" default-route-distance=210 \
    dhcp-options=option60-vendorclass interface=vlan1.4 use-peer-dns=no \
    use-peer-ntp=no
/ip dhcp-server config
set store-leases-disk=immediately
/ip dhcp-server lease
add address=10.0.2.21 comment="Media: Decoder 1 KPN" dhcp-option-set=IPTV \
    mac-address=00:02:9B:FA:43:9E server=dhcp-thuis
add address=10.0.2.26 comment="KPN decoder 2" dhcp-option-set=IPTV \
    mac-address=00:02:9B:FA:F0:0A server=dhcp-thuis
/ip dhcp-server network
add address=10.0.0.0/8 comment=defconf dns-server=10.0.2.0,8.8.8.8 gateway=\
    10.0.0.1 netmask=8
/ip dns
set allow-remote-requests=yes servers=10.0.2.0,8.8.8.8
/ip firewall address-list
add address=89f908aae8b3.sn.mynetname.net list=WAN-IP
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" in-interface=\
    pppoe-client protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
add action=drop chain=input comment="drop DNS requests from WAN" disabled=yes \
    dst-port=53 in-interface="ether1-Internet Acces" protocol=udp
add action=drop chain=input comment="drop DNS requests from WAN" disabled=yes \
    dst-port=53 in-interface="ether1-Internet Acces" protocol=tcp
add action=accept chain=input comment=\
    "KPN: https://netwerkje.com/config-internetv6" in-interface=\
    "ether1-Internet Acces" protocol=icmp
add action=accept chain=input comment=\
    "KPN: https://netwerkje.com/config-internetv6" connection-state=related
add action=accept chain=input comment=\
    "KPN: https://netwerkje.com/config-internetv6" connection-state=\
    established
add action=reject chain=input comment=\
    "KPN: https://netwerkje.com/config-internetv6" in-interface=pppoe-client \
    protocol=tcp reject-with=icmp-port-unreachable
add action=reject chain=input comment=\
    "KPN: https://netwerkje.com/config-internetv6" in-interface=pppoe-client \
    protocol=udp reject-with=icmp-port-unreachable
/ip firewall nat
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    213.75.112.0/21 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    217.166.0.0/16 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Hairpin NAT" dst-address=\
    10.0.0.0/8 src-address=10.0.0.0/8
add action=masquerade chain=srcnat comment=\
    "defconf: masquerade (NOT FOR KPN)" disabled=yes ipsec-policy=out,none \
    out-interface-list=WAN src-address=10.0.0.0/8
add action=masquerade chain=srcnat comment=\
    "KPN: https://netwerkje.com/config-internetv6" out-interface=pppoe-client \
    src-address=10.0.0.0/8
add action=dst-nat chain=dstnat comment="WireGuard RPI" dst-address-list=\
    WAN-IP dst-port=51820 protocol=udp to-addresses=10.0.2.0 to-ports=51820
add action=dst-nat chain=dstnat comment=Bitwarden dst-address-list=WAN-IP \
    dst-port=7277 protocol=tcp to-addresses=10.0.2.1 to-ports=7277
add action=dst-nat chain=dstnat comment=Homeassistant dst-address-list=WAN-IP \
    dst-port=443 protocol=tcp to-addresses=10.0.2.1 to-ports=8123
add action=dst-nat chain=dstnat comment="NAS NAT" dst-address-list=WAN-IP \
    dst-port=444 protocol=tcp to-addresses=10.0.0.10 to-ports=443
add action=dst-nat chain=dstnat comment="8123 to 8123" disabled=yes \
    dst-address-list=WAN-IP dst-port=8123 protocol=tcp to-addresses=10.0.0.12 \
    to-ports=8123
add action=dst-nat chain=dstnat comment="port80 to 80 from_WAN to HASS" \
    dst-address-list=WAN-IP dst-port=80 in-interface="ether1-Internet Acces" \
    protocol=tcp to-addresses=10.0.2.1 to-ports=80
add action=dst-nat chain=dstnat comment="port80 to 80 from_WAN to NAS" \
    disabled=yes dst-address-list=WAN-IP dst-port=80 in-interface=\
    "ether1-Internet Acces" protocol=tcp to-addresses=10.0.0.10 to-ports=80
/ip upnp
set show-dummy-rule=no
/ipv6 address
# address pool error: pool not found: 0 (4)
add address=::1 from-pool=0 interface=bridge-LAN
/ipv6 dhcp-client
add add-default-route=yes comment=\
    "KPN: https://netwerkje.com/config-internetv6" disabled=yes interface=\
    pppoe-client pool-name=0 pool-prefix-length=48 request=prefix \
    use-peer-dns=no
/ipv6 firewall filter
add action=accept chain=input connection-state=established in-interface=\
    pppoe-client
add action=accept chain=input connection-state=related in-interface=\
    pppoe-client
add action=accept chain=input comment="DHCPv6 for public addresses" \
    dst-address=fe80::/64 dst-port=546 in-interface=pppoe-client log-prefix=\
    DHCPv6 protocol=udp
add action=reject chain=input in-interface=pppoe-client reject-with=\
    icmp-port-unreachable
add action=accept chain=forward connection-state=related in-interface=\
    pppoe-client
add action=accept chain=forward connection-state=established in-interface=\
    pppoe-client
add action=reject chain=forward in-interface=pppoe-client reject-with=\
    icmp-no-route
/ipv6 nd
set r find default=yes ] disabled=yes
/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 comment=KPN interface=vlan1.4 upstream=yes
add comment=KPN interface=bridge-LAN
/system clock
set time-zone-name=Europe/Amsterdam
/system identity
set name=Rmpz_router
/system package update
set channel=long-term
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

 

 

 

Het adres 10.0.0.0/16 in jouw firewall address-list is in ieder geval niet goed. Dit zou 10.0.0.0/8 moeten zijn. Ook het adres 217.166.0.0 is niet correct immers dit zou 217.166.0.0/16 moeten zijn.

Zelf hanteer ik op mijn EdgeRouter de onderstaande firewall inkomend op vlan 4.

Inkomend accepteer ik dus alleen maar UDP verkeer met bestemming 224.0.0.0/4 waarbij het niet uitmaakt vanaf welk IP adres op vlan 4 dat komt. Feitelijk hanteer ik dus een firewall address list 0.0.0.0/0 en worden alleen IGMP multicasts doorgelaten immers dat is het enige verkeer dat aan het subnet 224.0.0.0/4 gericht is.

Uitgaand heb ik geen firewall actief op vlan 4.

Wellicht geheel ten overvloede, en als mosterd na de maaltijd, maar in mijn zoektocht naar de oorzaak van eenzelfde probleem stuitte ik op inkomende packets van het protocol IGMP, in de INPUT chain van iptables, met als source zowel het ip adres van het KPN Modem, als ip adres van de interface van de Edgerouter naar het KPN modem (In hetzelfde subnet dus). Deze werden dus door mijn Edgerouter geblockt, omdat ze niet matchten met de UDP regel. Nadat ik deze in een allow-regel had toegevoegd, heb ik er geen last meer van. Hier de firewall policy op de eth2/in, waar dus mijn kpn modem achter hangt.

    name KPN_LOCAL {
        default-action drop
        description "WAN to router"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action accept
            description "Allow IGMP from KPN Modem"
            destination {
                address 224.0.0.0/4
            }
            log disable
            protocol igmp
            source {
                address 192.168.2.254
            }
        }
        rule 30 {
            action accept
            description "Allow IGMP from Local Interface to KPN"
            destination {
                address 224.0.0.0/4
            }
            log disable
            protocol igmp
            source {
                address 192.168.2.254
            }
        }
        rule 40 {
            action accept
            description "Allow IGMP Multicasts"
            destination {
                address 224.0.0.0/4
            }
            log disable
            protocol udp
        }
        rule 50 {
            action accept
            description "Allow iTV stuff"
            log disable
            protocol all
            source {
                address 213.75.112.0/21
            }
        }
    }

Ik zie nu dat rule 20 en 30 dezelfde zijn, en of rule 50 daadwerkelijk nodig is, weet ik niet, deze regel is nog een overblijfsel van mijn troubleshooting.

 

@wjb : Dank voor je uitgebreide antwoorden, op de vragen van Gette, en die van @antonlamers in dit draadje. Daar heb ik veel aan gehad. Maar omdat ik een nogal unieke setup heb (dual WAN -Delta via Delta fiber, en KPN ADSL-, waarbij allebei de geleverde modems niet in bridge modus gebruikt worden. Daarachter staat dus de Edgerouter X SFP, met daar weer achter een viertal Netgear switches, 2x GC110 en 2x GC510P), en een tiental VLAN's, met één VLAN dedicated voor de ipTV STB's en mijn NVidia Shields met Android TV.)

Voor wie het interesseert, heb ik ook nog wel een manier om de ipTV app van KPN aan de praat te krijgen als je een dergelijke setup hebt, waar het internet verkeer eigenlijk primair over de Delta glas verbinding loopt, en je het IPTV verkeer over de niet-active failover interface wil laten lopenmet policy based routing.

Regel 20, 30 en 50 zijn niet nodig.

En als je de firewall netjes inricht dan zou je eigenlijk ook nog een regel op moeten nemen om de invalid state af te vangen.

Onderstaand de firewall dit ik inkomend op vlan 4 (TV) heb staan...

    name WAN_IPTV_IN {
        default-action drop
        rule 1 {
            action accept
            description "Allow established/related"
            log disable
            protocol all
            state {
                established enable
                invalid disable
                new disable
                related enable
            }
        }
        rule 2 {
            action drop
            description "Drop invalid state"
            log disable
            protocol all
            state {
                established disable
                invalid enable
                new disable
                related disable
            }
        }
        rule 3 {
            action accept
            description "Allow IGMP multicasts"
            destination {
                address 224.0.0.0/4
            }
            log disable
            protocol udp
        }
    }

...en blijkbaar zie ik niets over het hoofd, er wordt immers niet gedropt.

 

Ik denk dat die gedropte packets specifiek zijn voor mijn situatie, nl. de edgerouter achter het KPN ADSL modem. Ik vermoed dat de igmp proxy van dat modem deze genereert met het igmp protocol ipv UDP.

Met jouw firewall policy van 3 regels had ik deze dropped packets in mijn log van iptables:

[2156185.980317] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=51711 DF PROTO=UDP SPT=35925 DPT=10001 LEN=12 MARK=0x65800000
[2156208.009191] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=38542 DF PROTO=2 MARK=0x66000000
[2156217.115588] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=54768 DF PROTO=UDP SPT=37511 DPT=10001 LEN=12 MARK=0x65800000
[2156248.238134] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=62022 DF PROTO=UDP SPT=53017 DPT=10001 LEN=12 MARK=0x65800000
[2156279.348393] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=2348 DF PROTO=UDP SPT=34027 DPT=10001 LEN=12 MARK=0x65800000
[2156310.517830] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=5331 DF PROTO=UDP SPT=44040 DPT=10001 LEN=12 MARK=0x65800000
[2156333.012436] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=47903 DF PROTO=2 MARK=0x66000000
[2156341.579764] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=9230 DF PROTO=UDP SPT=38132 DPT=10001 LEN=12 MARK=0x65800000
[2156372.720244] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=15924 DF PROTO=UDP SPT=37577 DPT=10001 LEN=12 MARK=0x65800000
[2156403.817717] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=19936 DF PROTO=UDP SPT=38874 DPT=10001 LEN=12 MARK=0x65800000
[2156434.968966] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=21453 DF PROTO=UDP SPT=56723 DPT=10001 LEN=12 MARK=0x65800000
[2156458.015975] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=55060 DF PROTO=2 MARK=0x66000000
[2156466.066619] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=23281 DF PROTO=UDP SPT=42824 DPT=10001 LEN=12 MARK=0x65800000
[2156497.195160] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=26680 DF PROTO=UDP SPT=40578 DPT=10001 LEN=12 MARK=0x65800000
[2156528.354467] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=34372 DF PROTO=UDP SPT=57821 DPT=10001 LEN=12 MARK=0x65800000
[2156559.420533] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=35458 DF PROTO=UDP SPT=54856 DPT=10001 LEN=12 MARK=0x65800000
[2156583.019090] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=40971 DF PROTO=2 MARK=0x66000000
[2156590.551887] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=35856 DF PROTO=UDP SPT=53929 DPT=10001 LEN=12 MARK=0x65800000
[2156621.651826] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=42520 DF PROTO=UDP SPT=60435 DPT=10001 LEN=12 MARK=0x65800000
[2156652.789540] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=45352 DF PROTO=UDP SPT=51450 DPT=10001 LEN=12 MARK=0x65800000
[2156683.916008] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=51738 DF PROTO=UDP SPT=52132 DPT=10001 LEN=12 MARK=0x65800000
[2156708.022519] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=16914 DF PROTO=2 MARK=0x66000000
[2156716.037966] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=56290 DF PROTO=UDP SPT=43418 DPT=10001 LEN=12 MARK=0x65800000
[2156747.127029] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=63615 DF PROTO=UDP SPT=55150 DPT=10001 LEN=12 MARK=0x65800000
[2156778.271771] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=65477 DF PROTO=UDP SPT=57542 DPT=10001 LEN=12 MARK=0x65800000
[2156809.383466] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=6223 DF PROTO=UDP SPT=46304 DPT=10001 LEN=12 MARK=0x65800000
[2156833.025835] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=16275 DF PROTO=2 MARK=0x66000000
[2156840.521989] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=7614 DF PROTO=UDP SPT=41566 DPT=10001 LEN=12 MARK=0x65800000
[2156871.663169] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=14709 DF PROTO=UDP SPT=37747 DPT=10001 LEN=12 MARK=0x65800000
[2156902.751717] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=19709 DF PROTO=UDP SPT=35652 DPT=10001 LEN=12 MARK=0x65800000
[2156933.879635] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=22592 DF PROTO=UDP SPT=51511 DPT=10001 LEN=12 MARK=0x65800000
[2156958.029218] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18014 DF PROTO=2 MARK=0x66000000
[2156965.038660] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=29462 DF PROTO=UDP SPT=38307 DPT=10001 LEN=12 MARK=0x65800000
[2156996.108474] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=36396 DF PROTO=UDP SPT=46069 DPT=10001 LEN=12 MARK=0x65800000
[2157027.218617] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=37077 DF PROTO=UDP SPT=60687 DPT=10001 LEN=12 MARK=0x65800000
[2157058.356291] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=38927 DF PROTO=UDP SPT=53834 DPT=10001 LEN=12 MARK=0x65800000
[2157083.032543] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=13112 DF PROTO=2 MARK=0x66000000
[2157089.478350] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=45259 DF PROTO=UDP SPT=46654 DPT=10001 LEN=12 MARK=0x65800000
[2157120.588932] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=45338 DF PROTO=UDP SPT=58515 DPT=10001 LEN=12 MARK=0x65800000
[2157151.684409] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=52131 DF PROTO=UDP SPT=37338 DPT=10001 LEN=12 MARK=0x65800000
[2157182.804344] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=58117 DF PROTO=UDP SPT=57939 DPT=10001 LEN=12 MARK=0x65800000
[2157208.035938] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=12460 DF PROTO=2 MARK=0x66000000
[2157213.926161] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=58794 DF PROTO=UDP SPT=57633 DPT=10001 LEN=12 MARK=0x65800000
[2157245.062605] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=61795 DF PROTO=UDP SPT=51536 DPT=10001 LEN=12 MARK=0x65800000
[2157276.153096] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=62799 DF PROTO=UDP SPT=56514 DPT=10001 LEN=12 MARK=0x65800000
[2157307.307968] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=1953 DF PROTO=UDP SPT=58851 DPT=10001 LEN=12 MARK=0x65800000
[2157333.039292] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=22396 DF PROTO=2 MARK=0x66000000
[2157338.391952] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=4110 DF PROTO=UDP SPT=40132 DPT=10001 LEN=12 MARK=0x65800000
[2157369.515968] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=9198 DF PROTO=UDP SPT=49322 DPT=10001 LEN=12 MARK=0x65800000
[2157400.630179] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=14927 DF PROTO=UDP SPT=37317 DPT=10001 LEN=12 MARK=0x65800000
[2157431.761324] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=21298 DF PROTO=UDP SPT=53415 DPT=10001 LEN=12 MARK=0x65800000
[2157458.042613] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=23667 DF PROTO=2 MARK=0x66000000
[2157462.873413] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=27425 DF PROTO=UDP SPT=56422 DPT=10001 LEN=12 MARK=0x65800000
[2157494.002311] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=31821 DF PROTO=UDP SPT=44937 DPT=10001 LEN=12 MARK=0x65800000
[2157525.121042] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=35142 DF PROTO=UDP SPT=46178 DPT=10001 LEN=12 MARK=0x65800000
[2157556.199509] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=41488 DF PROTO=UDP SPT=42600 DPT=10001 LEN=12 MARK=0x65800000
[2157583.045986] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=25924 DF PROTO=2 MARK=0x66000000
[2157587.331451] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=46309 DF PROTO=UDP SPT=45569 DPT=10001 LEN=12 MARK=0x65800000
[2157618.437166] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=49734 DF PROTO=UDP SPT=44055 DPT=10001 LEN=12 MARK=0x65800000
[2157649.566339] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=50404 DF PROTO=UDP SPT=55028 DPT=10001 LEN=12 MARK=0x65800000
[2157680.702817] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=56933 DF PROTO=UDP SPT=53956 DPT=10001 LEN=12 MARK=0x65800000
[2157708.049379] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=37210 DF PROTO=2 MARK=0x66000000
[2157711.827402] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=57958 DF PROTO=UDP SPT=51041 DPT=10001 LEN=12 MARK=0x65800000
[2157742.929749] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=62045 DF PROTO=UDP SPT=40825 DPT=10001 LEN=12 MARK=0x65800000
[2157774.007247] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=63230 DF PROTO=UDP SPT=45678 DPT=10001 LEN=12 MARK=0x65800000
[2157805.109098] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=4447 DF PROTO=UDP SPT=37589 DPT=10001 LEN=12 MARK=0x65800000
[2157833.052801] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=24997 DF PROTO=2 MARK=0x66000000
[2157836.235400] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=4813 DF PROTO=UDP SPT=34206 DPT=10001 LEN=12 MARK=0x65800000
[2157867.334601] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=10503 DF PROTO=UDP SPT=43730 DPT=10001 LEN=12 MARK=0x65800000
[2157898.436525] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=12055 DF PROTO=UDP SPT=36151 DPT=10001 LEN=12 MARK=0x65800000
[2157929.527158] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=16794 DF PROTO=UDP SPT=40712 DPT=10001 LEN=12 MARK=0x65800000
[2157958.056088] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=32036 DF PROTO=2 MARK=0x66000000
[2157960.613731] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=19977 DF PROTO=UDP SPT=56143 DPT=10001 LEN=12 MARK=0x65800000
[2157991.747321] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=21112 DF PROTO=UDP SPT=49063 DPT=10001 LEN=12 MARK=0x65800000
[2158022.814408] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=27577 DF PROTO=UDP SPT=37631 DPT=10001 LEN=12 MARK=0x65800000
[2158053.958723] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=30008 DF PROTO=UDP SPT=51474 DPT=10001 LEN=12 MARK=0x65800000
[2158083.059435] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=50830 DF PROTO=2 MARK=0x66000000
[2158085.063414] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=34902 DF PROTO=UDP SPT=42897 DPT=10001 LEN=12 MARK=0x65800000
[2158116.173419] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=37132 DF PROTO=UDP SPT=48483 DPT=10001 LEN=12 MARK=0x65800000
[2158147.290532] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=40382 DF PROTO=UDP SPT=53840 DPT=10001 LEN=12 MARK=0x65800000
[2158178.408000] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=45748 DF PROTO=UDP SPT=37201 DPT=10001 LEN=12 MARK=0x65800000
[2158208.062800] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=7345 DF PROTO=2 MARK=0x66000000
[2158209.563984] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=52835 DF PROTO=UDP SPT=42112 DPT=10001 LEN=12 MARK=0x65800000
[2158240.667794] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=57279 DF PROTO=UDP SPT=60246 DPT=10001 LEN=12 MARK=0x65800000
[2158271.807444] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=62221 DF PROTO=UDP SPT=58853 DPT=10001 LEN=12 MARK=0x65800000
[2158302.913860] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=280 DF PROTO=UDP SPT=34222 DPT=10001 LEN=12 MARK=0x65800000
[2158333.060481] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=5876 DF PROTO=UDP SPT=48763 DPT=10001 LEN=12 MARK=0x65800000
[2158333.066195] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=13266 DF PROTO=2 MARK=0x66000000
[2158364.130352] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=6299 DF PROTO=UDP SPT=33317 DPT=10001 LEN=12 MARK=0x65800000
[2158395.266575] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=7444 DF PROTO=UDP SPT=43549 DPT=10001 LEN=12 MARK=0x65800000
[2158426.376419] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=7647 DF PROTO=UDP SPT=54339 DPT=10001 LEN=12 MARK=0x65800000
[2158457.509575] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=14346 DF PROTO=UDP SPT=34214 DPT=10001 LEN=12 MARK=0x65800000
[2158458.069588] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=41880 DF PROTO=2 MARK=0x66000000
[2158488.587259] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=14421 DF PROTO=UDP SPT=51010 DPT=10001 LEN=12 MARK=0x65800000
[2158519.704773] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=18472 DF PROTO=UDP SPT=35317 DPT=10001 LEN=12 MARK=0x65800000
[2158550.803843] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=21078 DF PROTO=UDP SPT=36974 DPT=10001 LEN=12 MARK=0x65800000
[2158581.940903] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=22742 DF PROTO=UDP SPT=38612 DPT=10001 LEN=12 MARK=0x65800000
[2158583.071921] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=19131 DF PROTO=2 MARK=0x66000000
[2158613.039026] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=24488 DF PROTO=UDP SPT=54728 DPT=10001 LEN=12 MARK=0x65800000
[2158644.180986] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=24962 DF PROTO=UDP SPT=36971 DPT=10001 LEN=12 MARK=0x65800000
[2158675.291821] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=31756 DF PROTO=UDP SPT=48100 DPT=10001 LEN=12 MARK=0x65800000
[2158706.427588] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=32254 DF PROTO=UDP SPT=41914 DPT=10001 LEN=12 MARK=0x65800000
[2158708.075258] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=19931 DF PROTO=2 MARK=0x66000000
[2158737.524293] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=36217 DF PROTO=UDP SPT=38040 DPT=10001 LEN=12 MARK=0x65800000
[2158768.668113] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=38717 DF PROTO=UDP SPT=60994 DPT=10001 LEN=12 MARK=0x65800000
[2158799.794200] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=46211 DF PROTO=UDP SPT=33519 DPT=10001 LEN=12 MARK=0x65800000
[2158830.926866] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=53459 DF PROTO=UDP SPT=36252 DPT=10001 LEN=12 MARK=0x65800000
[2158833.078626] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=35720 DF PROTO=2 MARK=0x66000000
[2158862.033056] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=57592 DF PROTO=UDP SPT=36245 DPT=10001 LEN=12 MARK=0x65800000
[2158893.168238] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=59812 DF PROTO=UDP SPT=40358 DPT=10001 LEN=12 MARK=0x65800000
[2158924.270223] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=64990 DF PROTO=UDP SPT=49014 DPT=10001 LEN=12 MARK=0x65800000
[2158955.401808] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=4415 DF PROTO=UDP SPT=40361 DPT=10001 LEN=12 MARK=0x65800000
[2158958.081972] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=11878 DF PROTO=2 MARK=0x66000000
[2158986.516318] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=12049 DF PROTO=UDP SPT=38945 DPT=10001 LEN=12 MARK=0x65800000
[2159017.649422] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=12921 DF PROTO=UDP SPT=39695 DPT=10001 LEN=12 MARK=0x65800000
[2159048.792970] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=18191 DF PROTO=UDP SPT=44795 DPT=10001 LEN=12 MARK=0x65800000
[2159079.885251] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=18349 DF PROTO=UDP SPT=44332 DPT=10001 LEN=12 MARK=0x65800000
[2159083.085365] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=13547 DF PROTO=2 MARK=0x66000000
[2159110.019595] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=23604 DF PROTO=UDP SPT=37083 DPT=10001 LEN=12 MARK=0x65800000
[2159141.163954] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=24659 DF PROTO=UDP SPT=49404 DPT=10001 LEN=12 MARK=0x65800000
[2159172.246423] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=25042 DF PROTO=UDP SPT=50176 DPT=10001 LEN=12 MARK=0x65800000
[2159203.357132] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=27310 DF PROTO=UDP SPT=50577 DPT=10001 LEN=12 MARK=0x65800000
[2159208.088711] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=4612 DF PROTO=2 MARK=0x66000000
[2159234.477375] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=33252 DF PROTO=UDP SPT=45003 DPT=10001 LEN=12 MARK=0x65800000
[2159265.617040] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=37218 DF PROTO=UDP SPT=49782 DPT=10001 LEN=12 MARK=0x65800000
[2159296.724696] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=43766 DF PROTO=UDP SPT=51632 DPT=10001 LEN=12 MARK=0x65800000
[2159327.842362] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=47260 DF PROTO=UDP SPT=51300 DPT=10001 LEN=12 MARK=0x65800000
[2159333.092178] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=27619 DF PROTO=2 MARK=0x66000000
[2159358.934961] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=48352 DF PROTO=UDP SPT=34952 DPT=10001 LEN=12 MARK=0x65800000
[2159390.061041] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=54727 DF PROTO=UDP SPT=58247 DPT=10001 LEN=12 MARK=0x65800000
[2159421.184807] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=59297 DF PROTO=UDP SPT=51935 DPT=10001 LEN=12 MARK=0x65800000
[2159452.316942] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=63049 DF PROTO=UDP SPT=51167 DPT=10001 LEN=12 MARK=0x65800000
[2159458.094462] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=55152 DF PROTO=2 MARK=0x66000000
[2159483.423148] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=1577 DF PROTO=UDP SPT=51676 DPT=10001 LEN=12 MARK=0x65800000
[2159514.543469] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=1832 DF PROTO=UDP SPT=43833 DPT=10001 LEN=12 MARK=0x65800000
[2159545.637126] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=7228 DF PROTO=UDP SPT=46993 DPT=10001 LEN=12 MARK=0x65800000
[2159576.768585] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=9990 DF PROTO=UDP SPT=53932 DPT=10001 LEN=12 MARK=0x65800000
[2159583.097919] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=59649 DF PROTO=2 MARK=0x66000000
[2159607.889788] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=13876 DF PROTO=UDP SPT=40155 DPT=10001 LEN=12 MARK=0x65800000
[2159638.996112] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=20927 DF PROTO=UDP SPT=35788 DPT=10001 LEN=12 MARK=0x65800000
[2159670.099590] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=24992 DF PROTO=UDP SPT=56006 DPT=10001 LEN=12 MARK=0x65800000
[2159701.231746] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=27004 DF PROTO=UDP SPT=37292 DPT=10001 LEN=12 MARK=0x65800000
[2159708.101174] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=51679 DF PROTO=2 MARK=0x66000000
[2159732.319382] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=32520 DF PROTO=UDP SPT=47235 DPT=10001 LEN=12 MARK=0x65800000
[2159763.438027] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=39294 DF PROTO=UDP SPT=58643 DPT=10001 LEN=12 MARK=0x65800000
[2159794.570997] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=46260 DF PROTO=UDP SPT=32918 DPT=10001 LEN=12 MARK=0x65800000
[2159825.641389] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=53273 DF PROTO=UDP SPT=46995 DPT=10001 LEN=12 MARK=0x65800000
[2159833.104525] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=6995 DF PROTO=2 MARK=0x66000000
[2159856.789637] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=53345 DF PROTO=UDP SPT=56717 DPT=10001 LEN=12 MARK=0x65800000
[2159887.865174] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=55831 DF PROTO=UDP SPT=47525 DPT=10001 LEN=12 MARK=0x65800000
[2159918.992888] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=57136 DF PROTO=UDP SPT=35578 DPT=10001 LEN=12 MARK=0x65800000
[2159950.128160] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=58200 DF PROTO=UDP SPT=37372 DPT=10001 LEN=12 MARK=0x65800000
[2159958.108096] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=51277 DF PROTO=2 MARK=0x66000000
[2159981.243758] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=60524 DF PROTO=UDP SPT=58921 DPT=10001 LEN=12 MARK=0x65800000
[2160012.380685] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=62096 DF PROTO=UDP SPT=48759 DPT=10001 LEN=12 MARK=0x65800000
[2160043.489875] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=2163 DF PROTO=UDP SPT=55615 DPT=10001 LEN=12 MARK=0x65800000
[2160074.603184] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=6788 DF PROTO=UDP SPT=46250 DPT=10001 LEN=12 MARK=0x65800000
[2160083.111317] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=11985 DF PROTO=2 MARK=0x66000000
[2160105.740569] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=14460 DF PROTO=UDP SPT=37999 DPT=10001 LEN=12 MARK=0x65800000
[2160136.870439] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=15901 DF PROTO=UDP SPT=49927 DPT=10001 LEN=12 MARK=0x65800000
[2160167.971901] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=16419 DF PROTO=UDP SPT=33011 DPT=10001 LEN=12 MARK=0x65800000
[2160199.104610] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=18766 DF PROTO=UDP SPT=33216 DPT=10001 LEN=12 MARK=0x65800000
[2160208.114722] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=11293 DF PROTO=2 MARK=0x66000000
[2160230.253025] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=25241 DF PROTO=UDP SPT=49471 DPT=10001 LEN=12 MARK=0x65800000
[2160261.341808] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=30097 DF PROTO=UDP SPT=45191 DPT=10001 LEN=12 MARK=0x65800000
[2160292.458069] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=32050 DF PROTO=UDP SPT=56198 DPT=10001 LEN=12 MARK=0x65800000
[2160323.596919] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=34988 DF PROTO=UDP SPT=34900 DPT=10001 LEN=12 MARK=0x65800000
[2160333.117046] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=24955 DF PROTO=2 MARK=0x66000000
[2160354.688285] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=42079 DF PROTO=UDP SPT=45555 DPT=10001 LEN=12 MARK=0x65800000
[2160385.842530] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=46313 DF PROTO=UDP SPT=43027 DPT=10001 LEN=12 MARK=0x65800000
[2160416.920528] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=50831 DF PROTO=UDP SPT=40773 DPT=10001 LEN=12 MARK=0x65800000
[2160447.054834] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=58162 DF PROTO=UDP SPT=60721 DPT=10001 LEN=12 MARK=0x65800000
[2160458.854074] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.0.252.127 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160458.886040] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=225.0.71.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160458.918107] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=233.89.188.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160458.982056] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.3.2.6 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160464.522061] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.0.250.71 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160465.542040] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.0.250.71 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160466.246031] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.0.250.71 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160478.160166] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=63616 DF PROTO=UDP SPT=56379 DPT=10001 LEN=12 MARK=0x65800000
[2160509.279858] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=626 DF PROTO=UDP SPT=37051 DPT=10001 LEN=12 MARK=0x65800000
[2160540.469701] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=2770 DF PROTO=UDP SPT=60116 DPT=10001 LEN=12 MARK=0x65800000
[2160571.538114] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=255.255.255.255 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=7263 DF PROTO=UDP SPT=36267 DPT=10001 LEN=12 MARK=0x65800000
[2160583.358276] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.3.2.6 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160583.398331] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=225.0.71.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160583.494268] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=233.89.188.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000
[2160583.686296] iptables DROPped from KPN_LOCIN=eth2 OUT= MAC= SRC=192.168.2.100 DST=224.0.252.127 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 MARK=0x65800000

 

Ik dacht eerst dat dit kwam door die invalid state drop regel, vandaar dat die bij mij nu ontbreekt, die moet ik idd nog terugzetten.

Regel 20 of 30 (zijn nu hetzelfde) heb ik écht wel nodig, zie de igmp packets in de iptables log die gedropt worden. Ik denk dat dat de igmp General Query messages zijn die de igmp proxy op het KPN Modem (door) stuurt om te kijken of mijn STB nog in de multicastgroup wil blijven zitten. En als die dus gedropt worden, stopt de proxy met streamen naar mijn STB, omdat mijn STB er dan geen antwoord op kan geven.

 Regel 50 komt volgens mij als experiment uit mijn PolicyBasedRouting modify firewall policy, die zal ik ook eens verwijderen.

 

Jouw firewall zit achter de IGMP proxy server op de Experia Box immers jouw EdgeRouter staat achter de Experia Box en dat is het verschil met mijn situatie. De UDP IGMP pakketjes zijn daar niet gericht aan 224.0.0.0/4 maar aan 255.255.255.255. Jij zou regel 20 kunnen omzetten naar die invalid state rule en regel 40 en 50 kunnen verwijderen.

No pun intended, het ligt ook aan de vervuiling in de gepost log, de meeste van die packets zijn ubiquity discovery packets naar poort 10001 van 255.255.255.255. Maar dit zijn de packets waar het om gaat:

MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=55060 DF PROTO=2 MARK=0x66000000

 

En daar heb ik die accept regel voor nodig voor die igmp packets naar 224.0.0.0/4 wowrden gestuurd. Dus ondanks de udp accept van alles met destination 224.0.0.0/4 worden die igmp packets gedropt zonder regel 20 en/of 30.

No pun intended, het ligt ook aan de vervuiling in de gepost log, de meeste van die packets zijn ubiquity discovery packets naar poort 10001 van 255.255.255.255. Maar dit zijn de packets waar het om gaat:

MAC=01:00:5e:00:00:01:d0:6d:c9:8c:81:f7:08:00 SRC=192.168.2.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=55060 DF PROTO=2 MARK=0x66000000

 

En daar heb ik die accept regel voor nodig voor die igmp packets naar 224.0.0.0/4 wowrden gestuurd. Dus ondanks de udp accept van alles met destination 224.0.0.0/4 worden die igmp packets gedropt zonder regel 20 en/of 30.

Maar die IGMP pakketjes zijn UDP pakketjes gericht aan het subnet 224.0.0.0/4 en die worden bij mij door rule 3 doorgelaten. Je ziet dat ik ook geen rule voor IGMP pakketjes in mijn firewall heb staan en toch werkt het vlekkeloos.

Sorry, het is wat verwarrend. Dat ene uitgelichte packet is er één uit mijn eerder geposte iptables log van gedropte packets in mijn KPN_LOCAL policy.

PROTO=2 betekent volgens mij dat het een IGMP packet is, en géén UDP packet. Dat kan ook niet, want met de destination 224.0.0.1 zou een UDP packet ook mijn accept rule voor UDP met destination 224.0.0.0/4 gehit hebben, en niet in de log voor gedropte packets terecht kunnen zijn gekomen.

En dat is inderdaad het verschil tussen jou en mijn situatie. In mijn situatie heb ik een "extra" igmp proxy op het KPN ADSL modem draaien, dat waarschijnlijk dit pakket genereert, of vertaalt vanuit een UDP packet dat aan de Internetkant van het ADSL modem wordt aangeboden, naar een IGMP packet. Daar heb jij kennelijk geen last van als je je edgerouter rechtstreeks aan de KPN Fiber hebt hangen.

@roco72 ik heb ook delta fiber.

misschien dat het mij daarom niet lukte vandaar dat ik nu een iets andere setup heb. Maar die werkt wel.

het liefst wil ik iptv over een vlan hebben. heb nu 2 kabels vanaf mijn modem naar de edgerouter toe 

PROTO=2 betekent volgens mij dat het een IGMP packet is, en géén UDP packet. Dat kan ook niet, want met de destination 224.0.0.1 zou een UDP packet ook mijn accept rule voor UDP met destination 224.0.0.0/4 gehit hebben, en niet in de log voor gedropte packets terecht kunnen zijn gekomen.

En dat is inderdaad het verschil tussen jou en mijn situatie. In mijn situatie heb ik een "extra" igmp proxy op het KPN ADSL modem draaien, dat waarschijnlijk dit pakket genereert, of vertaalt vanuit een UDP packet dat aan de Internetkant van het ADSL modem wordt aangeboden, naar een IGMP packet. Daar heb jij kennelijk geen last van als je je edgerouter rechtstreeks aan de KPN Fiber hebt hangen.

Daar lijkt het inderdaad op (bron).

De Kennisbank

Heb je vragen over diensten, producten of wil je weten hoe je modeminstellingen verandert? Vind het antwoord op de meest gestelde vragen in onze Kennisbank

...

Community voorwaarden