Last active October 15, 2024 13:12
Allow multicast communications in iptables
Run the following:
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A FORWARD -m pkttype --pkt-type multicast -j ACCEPT
iptables -A OUTPUT -m pkttype --pkt-type multicast -j ACCEPT
Or:
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A FORWARD -s 224.0.0.0/4 -d 224.0.0.0/4 -j ACCEPT
iptables -A OUTPUT -d 224.0.0.0/4 -j ACCEPT
Still getting the following message in log files:
... iptables denied . . . SRC=192.168.1.74 DST=224.0.0.1 . . .
... iptables denied ... SRC=192.168.1.1 DST=224.0.0.251 . . .
Playing around with the rules (changed the 224.0.0.0/4 to 224.0.0.0/24) but still blocking.
Change this INPUT chain to allow inputs with the multicast destination:
iptables -A INPUT -d 224.0.0.0/24 -j ACCEPT
Or limit to multicast requests from your own network only:
iptables -A INPUT -s <your_private_network_cidr> -d 224.0.0.0/24 -j ACCEPT
where <your_private_network_cidr> can be something like 192.168.1.0/24
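As an added example (not part of the gist or of any comment), the Python sketch below models only the -s/-d address matching of the INPUT rules discussed above and runs them against packets built from the logged SRC/DST pairs. The DROP default policy, the 192.168.1.0/24 LAN and the 203.0.113.7 off-LAN source are assumptions made for the illustration.

```python
import ipaddress

# Constructed packets, built from the SRC=/DST= pairs in the log lines quoted above.
PACKETS = [("192.168.1.74", "224.0.0.1"), ("192.168.1.1", "224.0.0.251")]

# Each rule models only iptables' -s / -d address matches (None = match any).
GIST_INPUT = [{"s": "224.0.0.0/4", "d": None}]               # -A INPUT -s 224.0.0.0/4
DEST_INPUT = [{"s": None, "d": "224.0.0.0/24"}]              # -A INPUT -d 224.0.0.0/24
LAN_INPUT = [{"s": "192.168.1.0/24", "d": "224.0.0.0/24"}]   # assumed LAN CIDR


def _in(addr, cidr):
    """True when cidr is unset (match any) or addr falls inside it."""
    return cidr is None or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)


def verdict(chain, src, dst, policy="DROP"):
    """First matching rule accepts; otherwise the (assumed) chain policy applies."""
    for rule in chain:
        if _in(src, rule["s"]) and _in(dst, rule["d"]):
            return "ACCEPT"
    return policy


def evaluate(chain, packets=PACKETS):
    """Verdict for every sample packet, in order."""
    return [verdict(chain, src, dst) for src, dst in packets]


if __name__ == "__main__":
    chains = [("gist -s rule", GIST_INPUT), ("-d rule", DEST_INPUT),
              ("LAN-scoped rule", LAN_INPUT)]
    for name, chain in chains:
        print(f"{name:16} {evaluate(chain)}")
    # Multicast packet with a source outside the assumed LAN (documentation range).
    print("off-LAN source, -d rule:        ", verdict(DEST_INPUT, "203.0.113.7", "224.0.0.251"))
    print("off-LAN source, LAN-scoped rule:", verdict(LAN_INPUT, "203.0.113.7", "224.0.0.251"))
```

The `-s 224.0.0.0/4` rule never matches these packets because a multicast address appears as the destination while the source stays a host's unicast address.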
Thanks a lot!
I am still quite the newb with iptables, but do the rules you show above keep all the multicast traffic within the LAN?
My logs are being hammered with "iptables denied . . ." messages with source IP of my router's LAN IP and other devices on the LAN and with a destination IP of 224.0.0.1 and 224.0.0.251.
Just wanting to make sure I am not exposing myself to other issues while trying to reduce log entries. Thanks