1 |
On 2020-08-15, Sid Spry <sid@××××.us> wrote: |
2 |
> On Fri, Aug 14, 2020, at 5:06 PM, Grant Edwards wrote: |
3 |
>> [...] |
4 |
>> |
5 |
>> > iptables -A OUTPUT -o <interface> -m owner --uid-owner plex -j DROP |
6 |
>> |
7 |
>> I can confirm, that did indeed work as desired. |
8 |
>> |
9 |
>> Even with the kernel rebuild it was far less work than getting set up |
10 |
>> to run a docker container (which also would have required a kernel |
11 |
>> rebuild) or running the server in a separate network namespace. |
12 |
>> |
13 |
>> [...] |
14 |
> |
15 |
> Are you able to see any perf impact from the generated but dropped |
16 |
> packets? |
17 |
|
18 |
I haven't tried, but I it's detectable. Plex only sends out a handful |
19 |
of packets every 5-10 seconds. It wouldn't really matter except that |
20 |
the interface I want it to leave alone is attached to an internal |
21 |
network I use to develop/test IoT and industrial Ethernet devices, and |
22 |
I want to be able to run tests that are as predictable and repeatable |
23 |
as possible. |
24 |
|
25 |
It would probably be better to run Plex on a separate, small, silent, |
26 |
low-power, headless server but I've already got enough machines to |
27 |
maintain. |
28 |
|
29 |
-- |
30 |
Grant |