Reply To: Surviving a reboot…

Forums Network Management ZeroShell Surviving a reboot… Reply To: Surviving a reboot…


>I need to avoid broadcast tempest through zeroshell=bridge

My tests :

IPTABLES can’t filter Multicast !

But fulvio added ebtables in zeroshell. That’s the solution !!!!

In [Setup][Startup] of the web interface, I add :

ebtables -A FORWARD -d Multicast –limit 100/second -j ACCEPT
ebtables -A FORWARD -d Multicast -j DROP

Test 1)
I create a broadcast tempest on SEGMENT 1
The problem isn’t transmetted on SEGMENT 2

Test 2) VLC sends a video on SEGMENT 2

On SEGMENT 1 , video is very bad quality. OK for me

root@zeroshell root> ebtables -L –Lc
Bridge table: filter

Bridge chain: INPUT, entries: 0, policy: ACCEPT

Bridge chain: FORWARD, entries: 2, policy: ACCEPT
-d Multicast limit: avg 100/sec burst 5 -j ACCEPT , pcnt = 1778 — bcnt = 2374091
-d Multicast -j DROP , pcnt = 2017 — bcnt = 2735052

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT