vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added firewall recommendations to the mDNS topic (#1669)

Browse Source 
Added firewall recommendations to the mDNS topic.
This commit is contained in:
aapostoliuk 2025-08-26 18:35:49 +03:00 committed by GitHub
parent dff952a88b
commit 4081daff9c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/configuration/service/mdns.rst
View File

@ -53,6 +53,31 @@ Configuration
Defaults to: 4096 Defaults to: 4096
Firewall recommendations
========================
Unlike typical routed traffic, mDNS packets relayed between interfaces do not
traverse the FORWARD hook chain in the firewall. Instead, they are processed
through the following hooks:
- **INPUT**: For packets received by the local system
- **OUTPUT**: For packets sent from the local system
To control or allow mDNS packet forwarding via the relay, you must define
appropriate rules in the INPUT and OUTPUT directions. Rules in the FORWARD
direction will have no effect on mDNS relay traffic.
.. code-block:: none
set firewall ipv4 input filter rule 10 action 'accept'
set firewall ipv4 input filter rule 10 destination address '224.0.0.251'
set firewall ipv4 input filter rule 10 destination port '5353'
set firewall ipv4 input filter rule 10 protocol 'udp'
set firewall ipv4 output filter rule 10 action 'accept'
set firewall ipv4 output filter rule 10 destination address '224.0.0.251'
set firewall ipv4 output filter rule 10 destination port '5353'
set firewall ipv4 output filter rule 10 protocol 'udp'
Example Example
======= =======