The igmpproxy is a Addon to use T-Home with the IPFire, without using the provider's hardware.

<note>Senior Alix boards are not suitable for Entertain, because of their build in ”via-rhine Ethernet ports” for those NIC´s it is unable to realize the VLAN connection. Furthermore, it may come to problems with RTL8101E/RTL8102E network interface cards. </note>

After successful installation over Pakfire it´s now time to start over. For the use of IPTV it is unfortunately necessary to do some handwork, but with tools like Putty or Winscp also “Linux-beginners” should be able to handle this.

First, the file /etc/IGMPPROXY.CONF should be adapted.

<box 90% round blue|File: /etc/igmpproxy.conf>

#
#   Example configuration file for the IgmpProxy
#   --------------------------------------------
#
#   The configuration file must define one upstream
#   interface, and one or more downstream interfaces.
#
#   If multicast traffic originates outside the
#   upstream subnet, the "altnet" option can be
#   used in order to define legal multicast sources.
#   (Se example...)
#
#   The "quickleave" should be used to avoid saturation
#   of the upstream link. The option should only
#   be used if it's absolutely nessecary to
#   accurately imitate just one Client.
#
########################################################
##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
#
quickleave
# upstream = modem interface, red0.8 for vlan tagging (new infrastructure), ppp0 for red0.7 (vlan tagging, old infrastructure), red0 (no vlan tagging)
phyint red0.8  upstream  ratelimit 0  threshold 1
        altnet 239.0.0.0/8
        altnet 217.0.119.194/16;
        altnet 193.158.35.0/24;
        altnet 192.168.40.200/32;   #replace with your own reciver IP's
# lan interface of ipfire interacting with the iptv-device
phyint green0 downstream  ratelimit 0  threshold 1
        altnet 192.168.40.200/32;   #replace with your own reciver IP's
#
# disable all unused interfaces, especially the one connected to the dsl modem
phyint lo disabled
phyint blue0 disabled
phyint red0 disabled
phyint tun0 disabled
phyint ppp0 disabled
phyint imq0 disabled
phyint mast0 disabled
#phyint orange0 disabled

</box>

Explanation of the entries:

• # red0.8 is the device which receives the multicast. This is for T-Home after the switch to the destination network VLAN 8 on the red interface.
• phyint red0.8 upstream ratelimit 0 threshold 1
• # Constitute the IP's from T-Entertain
  • altnet 239.35.0.0/8
  • altnet 217.0.119.194/16;
  • altnet 193.158.35.0/24;

• # The LAN interface is on the IPFire green0. It can also be used blue0 or orange0 and various VPN connections.
• phyint green0 downstream ratelimit 0 threshold 1

Here, you can specify (one or multiple) media reciver(s).

• altnet 192.168.40.200/32;

• # other not required devices will be disabled, not available devices can be out-commented.

• phyint lo disabled
• phyint blue0 disabled
• phyint red0 disabled
• phyint tun0 disabled
• phyint ppp0 disabled
• phyint imq0 disabled
• phyint mast0 disabled
• #phyint orange0 disabled

In addition, we need to make sure that the igmpproxy is loaded at the start and that a few manual iptable rules are running. Therefore the best place is the firewall.local (/etc/sysconfig):

<box 90% round blue|File: /etc/sysconfig/firewall.local>

#!/bin/sh
# Used for private firewall rules
# See how we were called.
case "$1" in
  start)
        ## add your 'start' rules here
        /sbin/iptables -I IPTVINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
        /sbin/iptables -I IPTVFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
        # end for igmpproxy
        ;;
  stop)
        ## add your 'stop' rules here
       /sbin/iptables -D IPTVINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
       /sbin/iptables -D IPTVFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
       # end for igmpproxy
       ;;
  reload)
      $0 stop
      $0 start
      ## add our 'reload' rules here
      ;;
*)
      echo "Usage: $0 {start|stop|reload}"
      ;;
esac

</box>

Let´s build a start command for the IGMP proxy in the rc.local :

<box 90% round blue|File: /etc/sysconfig/rc.local>

#!/bin/sh
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################
# Used for private calls after boot                                           #
###############################################################################

# power button shutdown
if grep -q '^button' /proc/modules ; then
    ( head -1 /proc/acpi/event | grep -q 'button/power PWRF' && poweroff ) &
fi

/usr/local/sbin/igmpproxy /etc/igmpproxy.conf &

</box>

• The igmpproxy.conf is here adapted especially for T-Home Users. With other providers (MaxDome, etc.), you need to ask for the corresponding IP's and adjust those.

• For operation with the Webproxy and Content-Filter the IP of the recivers needs to be registered on ”Unrestricted IP addresses” or ”Unfiltered IP addresses” .

• To avoid redundant errors or problems, it is important to assign different MAC addresses to the VLAN's, this is manageable over the webinterface under assign MAC address.

• By the use of IPTV you should not use the ClamAV, this disturbs the stream significantly.

This configuration did not work 100% in my setup. Therefore I can present a working configuration. An Alternative /etc/sysconfig/firewall.local that works 100% in my environment.

<box 90% round blue|File: /etc/sysconfig/firewall.local>

#!/bin/sh
# Used for private firewall rules

# See how we were called.
case "$1" in
  start)
        ## add your 'start' rules here
        /usr/local/sbin/igmpproxy /etc/igmpproxy.conf &

        # for igmpproxy
        /sbin/iptables -I CUSTOMINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
        /sbin/iptables -I CUSTOMFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
# end for igmpproxy
        ;;
  stop)
        ## add your 'stop' rules here
        killall igmpproxy
        # for igmpproxy
        /sbin/iptables -D CUSTOMINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
        /sbin/iptables -D CUSTOMFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
        ;;
  reload)
        $0 stop
        $0 start
        ## add your 'reload' rules here
        ;;
  *)
        echo "Usage: $0 {start|stop|reload}"
        ;;
esac

</box>