firehol icon indicating copy to clipboard operation
firehol copied to clipboard

Published 20 hours ago verified publisher icon firehol

one-way interface

Open Mrten opened this issue 5 years ago • 0 comments

For multicast, it looks like I have to insert two interfaces:

interface4 "eth0" carp_in src 192.168.86.0/24 dst 224.0.0.18
  server ucarp accept

interface4 "eth0" carp_out dst 192.168.86.0/24 src 224.0.0.18
  server ucarp accept

which gets me pointless iptables rules like

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
[...]
out_carp_in  all  --  224.0.0.18           192.168.86.0/24

and

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
[...]
in_carp_out  all  --  224.0.0.18           192.168.86.0/24

Is there a way to prevent these?

Mrten avatar Nov 14 '19 15:11 Mrten