May 08, 2011

Firehol and mDNS


Here is my firehol.conf that allows multicast mDNS packets through:


# define mdns so we will accept it
server_mdns_ports="udp/5353"
client_mdns_ports="5353"


interface eth+ multi
   policy return
   server mdns accept
   server multicast accept                                                                                                        


interface eth+ home src "${home_ips}"
    server  all         accept
    client  all         accept


Initially I had the server mdns accept and server multicast accept inside the home interface, but this didn't work. Firehol's developer, Mr Costa Tsaousis, pointed out that src "${home_ips}" on home would exclude broadcast packets sent from MAC addresses, thus the second interface definition (multi).

Cheers,
Steve