Hi Walter, as far as I know you can use the -p <protocol_number> parameter using iptables. iptables -A FORWARD -i br0 -p 139 -j DROP If you are using nftables nft add rule <table> <chain> ip protocol 139 drop should work. Regards, Andreas Am 06.09.2016 um 12:58 schrieb Walter H.: > Hello, > > does anybody know with which rule I can catch these entries: > > [317607.438061] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:4c:72:b9:56:16:3e:08:00 > SRC=0.0.0.0 DST=255.255.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=255 ID=1624 > PROTO=139 > > Thanks, > Walter > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html
Attachment:
signature.asc
Description: OpenPGP digital signature
