In some email I received from Paul Kranenburg, sie wrote:
> > I assume you mean IGMP traffic going out actually goes out (it shows up
> > with tcpdump) and isn't just because it is redialling ?  I don't know how
> > the ppp interface works, with respect to dial-on-demand, but what you will
> > have to filter on is the tunnel IP addresses, not the multicast addresses.
> > 
> > What I think you need is this, in your mrouted.conf file:
> > 
> > phyint ppp0-ip-address disable
> 
> 
> The mbone tunnel isn't on the ppp interface. In fact, I want to block
> all multicast traffic on it.
> 
> To answer your question: yes, IGMP packets (probes on address 224.0.0.4)
> show up with `tcpdump -i ppp0' and do cause the ppp daemon to dial.
> As I said, no amount of IPF filter rules can stop that.

Ah, I see the problem.  The code #ifdef'd by PFIL_HOOKS is on the wrong
side of the "sendit:" label in ip_output.c.

Darren