Community discussions

 
lrn23
just joined
Topic Author
Posts: 24
Joined: Mon Jan 07, 2019 10:24 am

block multicasts and broadcasts on bridge (except ARP)

Mon Mar 18, 2019 4:40 pm

Hello,
I have a problem. I have a machine connected to the network with approx. 100 IPs in my main subnet. But this machine most likely can't handle multicast and brodcast traffic on the network. I can't readdress it and put it behind the router. So I'm thinking about blocking unnecessary multicast and brodcast traffic on RB (except ARP of course). Is it possible? Or is there any better solution? Thank you for every suggestion...
 
lrn23
just joined
Topic Author
Posts: 24
Joined: Mon Jan 07, 2019 10:24 am

Re: block multicasts and broadcasts on bridge (except ARP)

Thu Mar 28, 2019 1:19 pm

I think, this is it (or at least I hope so :)).
/interface bridge filter
add chain=forward in-interface=ether1 mac-protocol=arp comment="allow ARP" action=accept
add chain=forward in-interface=ether1 packet-type=broadcast comment="drop broadcasts" action=drop
add chain=forward in-interface=ether1 packet-type=multicast comment="drop multicasts" action=drop

Who is online

Users browsing this forum: Bing [Bot] and 52 guests