Block IPv4 link-local



  • I have done a search for this and have not even found anything close to what I am looking for.

    In my firewall logs I keep seeing Block IPv4 link-local caused by my DirecTV equipment. I want to be able to see what is hitting the firewall and getting blocked by the default rules; however, I do NOT want to see this over and over again. I have tried to make a rule to specifically block the IP and tell it NOT to report, but it is blocked before the rule, so it still shows up and it has no effect.

    Disabling the logging of the default is not an option as I would like to see when stuff gets blocked!

    Is there any way to disable just the "Block IPv4 link-local" from reporting to the firewall log?

    I have also tried turning off the log rule and making my own catch-all rule at the bottom; however, this did not work, as it started blocking stuff that should have been allowed but wasn't a direct rule.

    Thank you for any help



  • No way to override those with user-defined rules. Disabling default block logging will disable logging on that rule as well. Since you don't want to do that, probably your best option is disabling the auto-added rules there, and adding your own rule to block and not log on LAN for source 169.254.0.0/16. Go to Diag>Command, in PHP Execute box, run:

    $config['system']['no_apipa_block'] = true;
    write_config();

    and those rules will be gone. Then add the block rule on LAN without logging.



  • Thank you, exactly what I was looking for! After days of searching, I finally just decided heck with it, I will ask a question! :) Thank you for the assistance.

