LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-27-2009, 08:24 PM   #1
qspares
LQ Newbie
 
Registered: Oct 2004
Posts: 14

Rep: Reputation: 0
multicast and firewall, Please help!


Hi! Could someone pass me the syntax to enable certain(or all) multicast address in iptables?

I have a program does multicast, it runs well only if I shut down my firewall.

I am using Fedora 9.

Thanks in advance!
 
Old 08-28-2009, 01:14 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653
Hi qspares,

You could try something like:

iptables -A INPUT -m addrtype --src-type MULTICAST -j ACCEPT


cheers,

kbp
 
Old 08-29-2009, 02:00 PM   #3
qspares
LQ Newbie
 
Registered: Oct 2004
Posts: 14

Original Poster
Rep: Reputation: 0
Tried it, but doesn't seem to work, also tried dst-type, still doesn't work.
As soon as I shut the firewall off, I immediately got the multicast packages

 
Old 08-29-2009, 10:56 PM   #4
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653
Could you post the whole iptables config please qspares?

'iptables -L'

thanks
 
Old 08-30-2009, 11:22 AM   #5
qspares
LQ Newbie
 
Registered: Oct 2004
Posts: 14

Original Poster
Rep: Reputation: 0
Here it is:

rt@sun#/>iptables -A INPUT -m addrtype --src-type MULTICAST -j ACCEPT
rt@sun#/>iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- softbank220000000000.bbtec.net/6 anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:yo-main
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT all -- anywhere anywhere ADDRTYPE match src-type MULTICAST

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
rt@sun#/>
 
Old 08-30-2009, 05:28 PM   #6
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653
Hi qspares,

I see the problem, you have a 'reject all' line, you will need to insert the multicast line before this one.

Use 'iptables -L --line-numbers' to display the line number of each rule then change:

iptables -A INPUT -m addrtype --src-type MULTICAST -j ACCEPT

to

iptables -I INPUT rule_number -m addrtype --src-type MULTICAST -j ACCEPT

where rule_number is the line before the 'reject all' line

cheers,

kbp
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Multicast vprakash Linux - Networking 0 09-19-2007 07:07 AM
Can I Multicast? donbellioni Linux - Networking 1 09-16-2005 01:36 PM
multicast WiWa Linux - Software 0 02-17-2004 04:27 PM
multicast det_funkar Linux - Networking 0 12-18-2002 03:04 AM
Multicast mistkhan Linux - Networking 0 06-12-2001 02:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration