[pve-devel] ipv6 multicast filter

Dietmar Maurer dietmar at proxmox.com
Mon Nov 10 11:51:01 CET 2014


Does not work with 2.6.32. But maybe we can simply use 

-d ff00::/8

to match ipv6 multicast traffic?


> -----Original Message-----
> From: Alexandre DERUMIER [mailto:aderumier at odiso.com]
> Sent: Montag, 10. November 2014 11:39
> To: Dietmar Maurer
> Cc: pve-devel at pve.proxmox.com
> Subject: Re: ipv6 multicast filter
> 
> >># ip6tables -A INPUT -m addrtype --dst-type MULTICAST -j DROP
> >>ip6tables: No chain/target/match by that name.
> >>
> >>Any ideas whats wrong?
> 
> Strange, It's working for me (kernel 3.10)
> 
> #ip6tables -A INPUT -m addrtype --dst-type MULTICAST -j DROP
> 
> 
> # ip6tables-save
> # Generated by ip6tables-save v1.4.14 on Mon Nov 10 11:38:27 2014 *filter
> :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT
> -m addrtype --dst-type MULTICAST -j DROP COMMIT
> 
> 
> ----- Mail original -----
> 
> De: "Dietmar Maurer" <dietmar at proxmox.com>
> À: "Alexandre DERUMIER (aderumier at odiso.com)" <aderumier at odiso.com>,
> pve-devel at pve.proxmox.com
> Envoyé: Lundi 10 Novembre 2014 11:30:42
> Objet: ipv6 multicast filter
> 
> 
> 
> Below command does not work for me:
> 
> # ip6tables -A INPUT -m addrtype --dst-type MULTICAST -j DROP
> ip6tables: No chain/target/match by that name.
> 
> Any ideas whats wrong?



More information about the pve-devel mailing list