Hi, Op 18-07-2022 om 11:28 schreef Miroslav Lichvar:
No, there is no option to disable management messages.
I managed to do it on the layer 3 level with iptables and am happy with the result (want to do some further testing though).
L2 Should be doable in a similar fashion, but I don't need that for now. Method one:iptables -A INPUT -i eno2 -p udp --dport 320 -m string --algo bm --from 28 --to 29 --hex-string '|0d|' -j DROP -m comment --comment "DROP Management message" ip6tables -A INPUT -i eno2 -p udp --dport 320 -m string --algo bm --from 48 --to 49 --hex-string '|0d|' -j DROP -m comment --comment "DROP Management message"
Alternative method:iptables -A INPUT -i eno2 -p udp --dport 320 -m u32 --u32 "25 & 0xFF = 0x0d" -j DROP -m comment --comment "DROP Management message" ip6tables -A INPUT -i eno2 -p udp --dport 320 -m u32 --u32 "45 & 0xFF = 0x0d" -j DROP -m comment --comment "DROP Management message"
Feedback welcome! DISCLAIMER (and some advice):Please use a your own risk and try to understand what the rules are doing, before actually applying them.
-- Marco
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Linuxptp-users mailing list Linuxptp-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linuxptp-users
