#StackBounty: #iptables Running Ubuntu Router using Iptables Services; How to Block UPnP UDP Traffic Forwarding Between Private IP and …

Bounty: 50

I’ve currently got a Linux router running iptables-services. I’ve set up forwarding on the server and masquerade out as the public interface’s IP on the outbound using the POSTROUTING chain.

I’m trying to simulate a disconnect for an application I’m working on – as if the client sending traffic to my UDP port has stopped doing so, or alternatively my traffic returning to them stops. To achieve this, I’d like to drop traffic on the router itself.

Addresses for talking sake are for my machine, for router local interface, router public is, and public peer address is

I would like to drop traffic being forwarded by the router (with NAT masquerading) from my local IP destined for the public peer. Say drop all outbound UDP traffic on port 1000 from Or alternatively, do the same, but catch it on the inbound – so trying to reach my PC at

Any advice is welcomed. Have tried adding rules to numerous tables, but my familiarity with stateless transport protocols like UDP and how they work with iptables / forwarding really isn’t great. There also really aren’t many existing questions on the same topic either, so have struggled to find anything of use. Essentially, I want to interrupt / override the process of UPnP by blocking any traffic from reaching the UDP listen port on my local machine through the router.

Thanks in advance. If there’s anything I can add or change, please advise in the comments before downvoting as I’m always happy to improve my questions where possible.
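Added example, not part of the original post: one way to simulate the disconnect is to insert DROP rules in the filter table's FORWARD chain, printed here for either direction. The addresses are constructed placeholders because the post's own addresses are missing, and treating port 1000 as the peer-side UDP port is an assumption.

```shell
#!/bin/sh
# Added example. The addresses are constructed placeholders, not values from the post.
LAN_HOST=192.168.1.10    # assumed private address of the PC behind the router
PEER=203.0.113.50        # assumed public peer address (RFC 5737 documentation range)
PEER_PORT=1000           # UDP port from the post, assumed to be the peer's port

# Print the iptables command for one direction.
#   $1 = out | in      $2 = -I (insert the rule) | -D (delete it again)
# The filter table sees every packet. The nat table only sees the first packet
# of a flow, so a DROP placed there never interrupts an established UDP exchange.
# -I puts the rule at the top of FORWARD, ahead of any existing ACCEPT rule.
drop_rule() {
    case "$1" in
        out) # LAN -> peer: FORWARD runs before POSTROUTING, so the source
             # is still the private address, not the masqueraded one.
             echo "iptables $2 FORWARD -p udp -s $LAN_HOST -d $PEER --dport $PEER_PORT -j DROP" ;;
        in)  # peer -> LAN: conntrack reverses the NAT before FORWARD,
             # so the destination is already the private address.
             echo "iptables $2 FORWARD -p udp -s $PEER -d $LAN_HOST --sport $PEER_PORT -j DROP" ;;
        *)   echo "usage: drop_rule out|in -I|-D" >&2
             return 2 ;;
    esac
}

# Dry run by default: print the command. With APPLY=1 (as root) also execute it.
simulate() {
    cmd=$(drop_rule "$1" "$2") || return
    echo "$cmd"
    if [ "${APPLY:-0}" = 1 ]; then
        $cmd
    fi
}

# Default invocation: show the rule that drops the outbound direction.
simulate "${1:-out}" "${2:--I}"
```

Running the same direction with `-D` removes the rule and ends the simulated disconnect.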
