Strange firewall behavior with latest snapshot
-
My Firewall log shows this since updating:
Aug 15 07:02:31 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:31 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:27 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:27 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:24 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:24 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:22 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:12 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:12 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:10 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:07 WAN 10.127.128.1:67 255.255.255.255:68 UDP
Aug 15 07:02:07 WAN 10.127.128.1:67 255.255.255.255:68 UDPThe FW blocks that, though I got no host with 10.127.128.1 running…
-
Seems you receive packets from the DHCP protocol (from port 67 => to 68) on your WAN interface.
I think you can live with this…. harmless.
-
That's always been there I'm sure, there was a stray rule that didn't do anything with that traffic but didn't drop it either that's been removed, so it's now being logged as blocked.
It's just noise, I'd add a block rule on the WAN for destination 255.255.255.255 with no logging to get rid of the log noise.
-
Thanks for the tip, that did the trick, the "noise" is gone
-
This doesnt really work if you have Block Private Networks checked in Interfaces: WAN as it becomes your top most rule and automatically logs the traffic