Dear all,
in my OpenWrt main router smcroute stats I'm seeing multicast packages arriving from my WAN router connection that I would expect to be blocked by the main router firewall.
I presume this is because smcroute is not a routing proxy by itself, but is rather orchestrating the kernel multicast routing capabilities, with the smcroute packet count statistics reflecting the kernel knowledge about arriving packets prior to entering the firewall machinery?
I'm also observing that the multicast routing between firewall zones managed by smcroute is being controlled by the firewall "zone forwarding" settings, and NOT the INPUT setting of the source plus the OUTPUT setting of the destination zone, which fits the assumption above that the routed multicast packets are not considered to enter the router device IP stack itself and then leave it again (which would be the case if smcroute would act as a multicast proxy).
Can you experts confirm that my assumptions are correct?
Kind regards,
Sebastian