Re: Make multicast packets local-only?

From: "Lance F." <gaizin@xxxxxxxxx>
Date: 27 Feb 2007 17:44:33 -0800

On Feb 25, 3:33 pm, "Balwinder S \"bsd\" Dheeman"
<bsd.SANS...@xxxxxxxxxxxxxxxxx> wrote:

On 02/24/2007 06:43 AM, Lance F. wrote:

On Feb 23, 11:08 pm, "Balwinder S \"bsd\" Dheeman"
<bsd.SANS...@xxxxxxxxxxxxxxxxx> wrote:

On 02/23/2007 01:21 PM, Lance F. wrote:

The situation:
I have two computers, PC1 and PC2, each running multiple multicast-
utilizing applications (specifically, UPNP). Each app multicasts its
presence via SSDP (239.255.255.250), allowing other applications on
PC1 and PC2 to discover it.
My goal:
What I want to do is to prevent PC2 (and PC3, PC4, etc.) from
detecting multicast applications running on PC1. The PC1 apps must
still be able to detect each other, and also be able to detect
multicast apps on PC2.
Is this possible?

Yes, sure.

My second question, then, is how?

I've tried settings a rule with iptables, such as:

iptables -D OUTPUT -s <local ip> -d 239.255.255.250/32 -j DROP

... but then local applications can't see the packets, either.

I've also looked into mrouted, smcroute and pimd, but it looked like
they are used for a different purpose (routing between two different
interfaces).

Any suggestions on what software to use, what steps to take, etc.,
would be greatly appreciated.

Try these rules in the following sequence and, or order:

iptables -D OUTPUT -s <ip.add.ress.PC1> -d 239.255.255.250 -j ACCEPT
iptables -D OUTPUT -s <ip.add.ress.PC2> -d 239.255.255.250 -j ACCEPT
iptables -D OUTPUT -s <ur.lo.cal.net/work> -d 239.255.255.250 -j DROP

Thank you for the response.

Unfortunately, these rules do not produce the result I had been
looking for.

However, since that time I've realized that this method would not work
for my project, anyways. Along with blocking presence advertisements,
I also have to ignore incoming 'search' packets (but not other
incoming packets); a simple routing rule would not take care of both
of these issues.

- Lance F.

.

References:
- Make multicast packets local-only?
  - From: Lance F.
- Re: Make multicast packets local-only?
  - From: Balwinder S \"bsd\" Dheeman
- Re: Make multicast packets local-only?
  - From: Lance F.
- Re: Make multicast packets local-only?
  - From: Balwinder S \"bsd\" Dheeman

Prev by Date: openswan
Next by Date: cups printer does not like me
Previous by thread: Re: Make multicast packets local-only?
Next by thread: fiber optic cables
Index(es):
- Date
- Thread

Relevant Pages

Re: Make multicast packets local-only?
... utilizing applications. ... PC1 and PC2 to discover it. ... detecting multicast applications running on PC1. ... multicast apps on PC2. ...
(comp.os.linux.networking)
Re: Make multicast packets local-only?
... utilizing applications. ... PC1 and PC2 to discover it. ... detecting multicast applications running on PC1. ... multicast apps on PC2. ...
(comp.os.linux.networking)
Make multicast packets local-only?
... utilizing applications. ... PC1 and PC2 to discover it. ... detecting multicast applications running on PC1. ... multicast apps on PC2. ...
(comp.os.linux.networking)
Re: Make multicast packets local-only?
... utilizing applications. ... PC1 and PC2 to discover it. ... detecting multicast applications running on PC1. ... multicast apps on PC2. ...
(comp.os.linux.networking)