Description
When the FortiGate is set in Transparent mode, even if the multicast is allowed to go through, every multicast packet creates a traffic log. This could pollute your logs if a big number of multicast traffic is sent on the network, the message logged is like following:
date=2013-10-04 time=20:57:11 itime=1380916632 logid=14 type=traffic subtype=local level=notice vd=root devid=FG800C3912801610 status=deny trandisp=noop srcip=10.33.31.3 srcport=1985 dstip=224.0.0.102 dstport=1985 service=1985/udp proto=17 duration=0 policyid=0 sentbyte=0 rcvdbyte=0 srcintf=v-537-TIC-API-i dstintf=N/A sessionid=21730520 app=1985/udp dstcountry=Reserved srccountry=Reserved
By default, the traffic is denied by an implicit local-in policy.
Solution
One possible solution to get rid of these log messages, is to disable the logs for the local-in deny packet:
config log settings
set local-in-deny disable
end
Note that it will disable the multicast traffic logs, but also all the local-in traffic that is denied.
