Disable SSDP emissions from Chromium04 August 2019
I was doing some packet sniffing, and was noting a lot of UDP packets — a sample one is shown below from Wireshark — which I did not recognise. After some investigation it transpired they were Simple Service Discovery Protocol packets being emitted by Chromium. I am not normally bothered about SSDP per-se but what did bother me was that the packets were going out on an interface I was using for isolated-network testing, and they were spoiling my experiments. Therefore they needed to be disabled.
Turning them off (supposed approach)After a bit of searching I came across various websites that mentioned browsing to
chrome://flags/upon which point there are various settings quoted as the one that controls device discovery. I am not sure which one is actually supposed to disable SSDP so I set them all to Disabled:
- Load Media Router Component Extension
- Connect to Cast devices on all IP addresses
- Device Discovery Notifications
Blocking SSDP using iptablesBy this point as far as I was concerned, Chromium was not honouring its own settings, so it could not be trusted to do what it was told. Therefore the only option left is to setup my local firewall to block the packets:
iptables -I OUTPUT -p udp --dport 1900 -j REJECT
Not an SSDP packet since.