
I have a freshly set up CentOS 8 Stream host. I need to receive SSDP messages.

The problem is, as soon as firewalld is enabled, socat does not print anything.

socat UDP4-RECVFROM:1900,ip-add-membership=239.255.255.250:0.0.0.0,fork,reuseaddr -

As soon as I disable firewalld, I see SSDP messages. I tried to allow it with: iptables -A INPUT -d 239.255.255.250/32 -p udp -m udp --dport 1900 -j ACCEPT but that does not work.

[root@docker-1 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  0.0.0.0/0            239.255.255.250      udp dpt:1900
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            match-set upnp dst,dst
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp spt:1900
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:1900

Chain FORWARD (policy DROP)
target     prot opt source               destination         
DOCKER-ISOLATION-STAGE-1  all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
DOCKER-USER  all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
SET        udp  --  0.0.0.0/0            239.255.255.250      udp dpt:1900 add-set upnp src,src exist

Chain DOCKER (2 references)
target     prot opt source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (0 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0   

Why does this not work with firewalld enabled?

The provided solution/iptables rule did not work either:

Marc