Disable SSDP emissions from Chromium

04 August 2019
I was doing some packet sniffing, and was noting a lot of UDP packets — a sample one is shown below from Wireshark — which I did not recognise. After some investigation it transpired they were Simple Service Discovery Protocol packets being emitted by Chromium. I am not normally bothered about SSDP per-se but what did bother me was that the packets were going out on an interface I was using for isolated-network testing, and they were spoiling my experiments. Therefore they needed to be disabled.

Wireshark dump

Turning them off (supposed approach)

After a bit of searching I came across various websites that mentioned browsing to chrome://flags/ upon which point there are various settings quoted as the one that controls device discovery. I am not sure which one is actually supposed to disable SSDP so I set them all to Disabled:

Load Media Router Component Extension
Connect to Cast devices on all IP addresses
Device Discovery Notifications

One small problem: None of the above actually stop SSDP packets.

Blocking SSDP using iptables

By this point as far as I was concerned, Chromium was not honouring its own settings, so it could not be trusted to do what it was told. Therefore the only option left is to setup my local firewall to block the packets:

iptables -I OUTPUT -p udp --dport 1900 -j REJECT

Not an SSDP packet since.