Last active
October 15, 2024 13:12
-
-
Save juliojsb/00e3bb086fd4e0472dbe to your computer and use it in GitHub Desktop.
Allow multicast communications in iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Run the following: | |
| iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT | |
| iptables -A FORWARD -m pkttype --pkt-type multicast -j ACCEPT | |
| iptables -A OUTPUT -m pkttype --pkt-type multicast -j ACCEPT | |
| Or: | |
| iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT | |
| iptables -A FORWARD -s 224.0.0.0/4 -d 224.0.0.0/4 -j ACCEPT | |
| iptables -A OUTPUT -d 224.0.0.0/4 -j ACCEPT |
Change this INPUT chain to allow inputs with the multicast destination
iptables -A INPUT -d 224.0.0.0/24 -j ACCEPT
or limit to multicast request from your own network only:
iptables -A INPUT -s <your_private_network_cidr> -d 224.0.0.0/24 -j ACCEPT
where <your_private_network_cidr> can be something like 192.168.1.0/24
Thanks a lot!
My network topology is shown in the picture. H1 will send multicast packet to H2 through R1 and R2. Which iptables rules should I set at R1 and R2 ?
Thanks in advance !
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Still getting the following message in log files:
... iptables denied . . . SRC=192.168.1.74 DST=224.0.0.1 . . .
... iptabled denied ... SRC=192.168.1,1 DST=224.0.0.251 . . .
Playing around with the rules (changed the 224.0.0.0/4 to 224.0.0.0/24) but still blocking.