"rule": "FROM all vms TO ip <bcast> BLOCK udp PORTS 1 - 65535",
where <bcast> is the local net's broadcast address seems to stop
udp traffic between VMs on the same node. Alas the packets still
leave the machine over the network card.
I tried the ipf rule
block out proto udp from any to 255.255.255.255
but it does not stop the traffic. UDP blocking does not work for
any non-broadcast-IP either. Does anybody have a working outbound UDP
filtering set up?
Kind Regards,
Stefan
Am 06.06.2018 19:57, schrieb Stefan:
Hi!
From any VM one can generate UDP broadcasts:
# socat - UDP-DATAGRAM:255.255.255.255:24000,broadcast
How do I stop a vm from emitting UDP broadcasts? Firewalling to IP
255.255.255.255 does not work:
"rule": "FROM all vms TO IP 255.255.255.255 BLOCK udp PORTS
1-65535",
# fwadm add -f stop-udp-bcast
IPv4 address "255.255.255.255" is invalid
Kind Regards,
Stefan
-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125
Powered by Listbox: http://www.listbox.com
