Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire.

Please join in and help us improving it!

igmpproxy

The igmpproxy is a Addon to use T-Home with the IPFire, without using the provider's hardware.

Senior Alix boards are not suitable for Entertain, because of their build in "via-rhine Ethernet ports" for those NIC´s it is unable to realize the VLAN connection.
Furthermore, it may come to problems with RTL8101E/RTL8102E network interface cards.

Configuration

After successful installation over Pakfire it´s now time to start over. For the use of IPTV it is unfortunately necessary to do some handwork, but with tools like Putty or Winscp also "Linux-beginners" should be able to handle this.

First, the file /et/IGMPPROXY.CONF should be adapted.

Example configuration file for the IgmpProxy

--------------------------------------------

The configuration file must define one upstream

interface, and one or more downstream interfaces.

If multicast traffic originates outside the

upstream subnet, the "altnet" option can be

used in order to define legal multicast sources.

(Se example...)

The "quickleave" should be used to avoid saturation

of the upstream link. The option should only

be used if it's absolutely nessecary to

accurately imitate just one Client.

------------------------------------------------------

Enable Quickleave mode (Sends Leave instantly)

------------------------------------------------------

quickleave

upstream = modem interface, red0.8 for vlan tagging (new infrastructure), ppp0 for red0.7 (vlan tagging, old infrastructure), red0 (no vlan tagging)

phyint red0.8 upstream ratelimit 0 threshold 1
altnet 239.0.0.0/8;
altnet 217.0.119.194/16;
altnet 193.158.35.0/24;
altnet 192.168.40.200/32; #replace with your own reciver IP's

lan interface of ipfire interacting with the iptv-device

phyint green0 downstream ratelimit 0 threshold 1
altnet 192.168.40.200/32; #replace with your own reciver IP's

disable all unused interfaces, especially the one connected to the dsl modem

phyint lo disabled
phyint blue0 disabled
phyint red0 disabled
phyint tun0 disabled
phyint ppp0 disabled
phyint imq0 disabled
phyint mast0 disabled

phyint orange0 disabled

Explanation of the entries:

  • red0.8 is the device which receives the multicast. This is for T-Home after the switch to the destination network VLAN 8 on the red interface.

  • phyint red0.8 upstream ratelimit 0 threshold 1
  • Constitute the IP's from T-Entertain

    altnet 239.35.0.0/8
    altnet 217.0.119.194/16;
    *altnet 193.158.35.0/24;

  • The LAN interface is on the IPFire green0. It can also be used blue0 or orange0 and various VPN connections.

  • phyint green0 downstream ratelimit 0 threshold 1

Here, you can specify (one or multiple) media reciver(s).
* altnet 192.168.40.200/32;

  • other not required devices will be disabled, not available devices can be out-commented.

  • phyint lo disabled

  • phyint blue0 disabled
  • phyint red0 disabled
  • phyint tun0 disabled
  • phyint ppp0 disabled
  • phyint imq0 disabled
  • phyint mast0 disabled
  • phyint orange0 disabled

In addition, we need to make sure that the igmpproxy is loaded at the start and that a few manual iptable rules are running. Therefore the best place is the firewall.local (/etc/sysconfig):

!/bin/sh

Used for private firewall rules

See how we were called.

case "$1" in
start)
## add your 'start' rules here
/sbin/iptables -I IPTVINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -I IPTVFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
# end for igmpproxy
;;
stop)
## add your 'stop' rules here
/sbin/iptables -D IPTVINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -D IPTVFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
# end for igmpproxy
;;
reload)
$0 stop
$0 start
## add our 'reload' rules here
;;
*)
echo "Usage: $0 {start|stop|reload}"
;;
esac

Let´s build a start command for the IGMP proxy in the rc.local :

!/bin/sh

IPFire.org - A linux based firewall

Copyright (C) 2007 Michael Tremer & Christian Schmidt

This program is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 3 of the License, or

(at your option) any later version.

This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

You should have received a copy of the GNU General Public License

along with this program. If not, see http://www.gnu.org/licenses/.

Used for private calls after boot

power button shutdown

if grep -q '^button' /proc/modules ; then
( head -1 /proc/acpi/event | grep -q 'button/power PWRF' && poweroff ) &
fi

/usr/local/sbin/igmpproxy /etc/igmpproxy.conf &

  • The igmpproxy.conf is here adapted especially for T-Home Users. With other providers (MaxDome, etc.), you need to ask for the corresponding IP's and adjust those.

  • For operation with the Webproxy and Content-Filter the IP of the recivers needs to be registered on Unrestricted IP addresses" or Unfiltered IP addresses" .

  • To avoid redundant errors or problems, it is important to assign different MAC addresses to the VLAN's, this is manageable over the webinterface under assign MAC address.

  • By the use of IPTV you should not use the ClamAV, this disturbs the stream significantly.

This configuration did not work 100% in my setup. Therefore I can present a working configuration.
An Alternative /etc/sysconfig/firewall.local that works 100% in my environment.

!/bin/sh

Used for private firewall rules

See how we were called.

case "$1" in
start)
## add your 'start' rules here
/usr/local/sbin/igmpproxy /etc/igmpproxy.conf &

# for igmpproxy
/sbin/iptables -I CUSTOMINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -I CUSTOMFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT

end for igmpproxy

;;
stop)
## add your 'stop' rules here
# for igmpproxy
/sbin/iptables -D CUSTOMINPUT -i red0.8 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -D CUSTOMFORWARD -i red0.8 -d 224.0.0.0/4 -j ACCEPT
killall igmpproxy
;;
reload)
$0 stop
$0 start
## add your 'reload' rules here
;;
*)
echo "Usage: $0 {start|stop|reload}"
;;
esac

Configuration for BNG

If the German Provider Telekom migrated your Port to BNG, VLAN8 for Multicast is not used anymore.
Therefore you have to configure in both configuration files ppp0 as replacement interface for red0.8.

Example configuration file for the IgmpProxy

--------------------------------------------

The configuration file must define one upstream

interface, and one or more downstream interfaces.

If multicast traffic originates outside the

upstream subnet, the "altnet" option can be

used in order to define legal multicast sources.

(Se example...)

The "quickleave" should be used to avoid saturation

of the upstream link. The option should only

be used if it's absolutely nessecary to

accurately imitate just one Client.

------------------------------------------------------

Enable Quickleave mode (Sends Leave instantly)

------------------------------------------------------

quickleave

------------------------------------------------------

Configuration for red (Upstream Interface)

upstream = modem interface, red0.8 for vlan tagging (new infrastructure), ppp0 for red0.7 (vlan tagging, old infrastructure), red0 (no vlan tagging)

------------------------------------------------------

phyint ppp0 upstream ratelimit 0 threshold 1
altnet 239.0.0.0/8;
altnet 232.0.0.0/8;
altnet 217.0.119.194/16;
altnet 193.158.35.0/24;
altnet 192.168.0.100/32; #replace with your own reciver IP's

------------------------------------------------------

Configuration for green0 (Downstream Interface)

lan interface of ipfire interacting with the iptv-device

------------------------------------------------------

phyint green0 downstream ratelimit 0 threshold 1
altnet 192.168.0.100/32; #replace with your own reciver IP's

------------------------------------------------------

disable all unused interfaces, especially the one connected to the dsl modem

------------------------------------------------------

phyint wlan0
phyint lo disabled

phyint blue0 disabled

phyint red0 disabled
phyint tun0 disabled

phyint ppp0 disabled

phyint imq0 disabled

phyint mast0 disabled

phyint orange0 disabled

!/bin/sh

Used for private firewall rules

See how we were called.

case "$1" in
start)
## add your 'start' rules here
/usr/local/sbin/igmpproxy /etc/igmpproxy.conf &

# for igmpproxy
/sbin/iptables -I IPTVINPUT -i ppp0 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -I IPTVFORWARD -i ppp0 -d 224.0.0.0/4 -j ACCEPT

end for igmpproxy

;;
stop)
## add your 'stop' rules here
# for igmpproxy
/sbin/iptables -I IPTVINPUT -i ppp0 -d 224.0.0.0/4 -j ACCEPT
/sbin/iptables -I IPTVFORWARD -i ppp0 -d 224.0.0.0/4 -j ACCEPT
killall igmpproxy
;;
reload)
$0 stop
$0 start
## add your 'reload' rules here
;;
*)
echo "Usage: $0 {start|stop|reload}"
;;
esac

Edit Page ‐ Yes, you can edit!

Older Revisions • October 1 at 9:49 pm