How to make iptables ALLOW rule for multicast?

linux firewall iptables failover ucarp
17,877 
iptables -A INPUT -i eth1:1 -m pkttype --pkt-type multicast -j ACCEPT

Make sure that the xt_pkttype module is loaded into the running kernel:

--- Networking support        
      Networking options  --->
          [*] Network packet filtering framework (Netfilter)  --->
              Core Netfilter Configuration  --->
                  <*>   "pkttype" packet type match support
Share:
17,877
Sandra
Author by

Sandra

Updated on September 18, 2022

Comments

  • Sandra
    Sandra almost 2 years

    I have two servers that uses ucarp as failover. On each server eth1:1 is reserved for ucarp's keepalive connection.

    ucarp uses the destination IP as multicast address 224.0.0.18.

    On ucarp master server is eth1:1's IP 192.168.245.2 and on the secondary serve is eth1:1's IP 192.168.245.3.

    Question

    I would like to make an iptables rule on each server, so these NIC's are not used by anyone by mistake. I.e. drop everything expect for ucarp.

    How would such a rule look like for the master server?

    I assume something like this?

    iptables -P INPUT -i eth1:1 -j DROP
iptables -A INPUT -i eth1:1  ? something with multicast ?  -j ACCEPT

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What prevents a machine from responding to pings?
TCP connect: No route to host
Forwarding all incoming traffic on eth0 to go to eth1
How to use iptables to allow traffic only through ONE SPECIFIC VPN
blocking port 80 via iptables
How to use FQDN in firewall rules for GNU/Linux?
Redirect http using iptables for an ip range
iptables blocking from internet side on eth1?
IPtables string match for some URLs
Difference between iptables default policy to `DROP` and inserting a seperate policy in input chain to DROP all connections