Blocking WAN multicast and drop log
-
I am getting frustrated with my ISP as they are allowing multicast data from others on their network so my firewall logs are filled up with these blocks. How can I setup a firewall rule for the WAN interface that will block all these attempts and then not log them?
I tried setting source = network (xxx.xxx.xxx.1/24) and then destination
WAN Net
andThis Firewall
but both seem to still are logging. :( -
You could create an alias with the multicast blocks:
https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtmlAfter that, you create a firewall rule in your WAN interface, setting this alias as destination, and mark the not log option.
And also I would like to recommend you to change the ISP... that is not good
-
Thank you @mcury I will give that a try. Unfortunately this is the best ISP around, I have never had this happen at other locations with same ISP. I called them about it but the support rep was like "is service impacted, if not then whats the problem." :(
-
@MUST-UPON-TURN Hm, maybe there is a bad switch around? Providers go to the last mile only.. The infra inside could be the culprit..