I've just noticed some strange log messages emitted by 'dhcpcd' on -current (7.99.32). I've seen these on i386, amd64, and evbarm-earmv7hf.
They are of the form: Jun 18 12:56:53 hostname dhcpcd[PID]: wm0: invalid UDP packet from 19.100.192.168 Jun 18 12:56:53 hostname dhcpcd[PID]: wm0: invalid UDP packet from 20.12.192.168 Jun 18 14:15:22 hostname dhcpcd[PID]: wm0: invalid UDP packet from 119.16.192.168 Jun 23 21:48:35 hostname dhcpcd[PID]: wm0: invalid UDP packet from 150.129.192.168 Jun 23 18:57:32 hostname dhcpcd[PID]: wm0: invalid UDP packet from 163.85.192.168 Jun 24 02:56:29 hostname dhcpcd[PID]: wm0: invalid UDP packet from 76.24.192.168 Needless to say, the purported source IPs are not on my network. My NAT router blocks all incoming traffic except SSH, HTTP, HTTPS and those are specifically redirected to hosts other than the ones from which the above data were gathered. It is curious how they all share the attribute that their last two octets are the Class C private allocation prefix. These same machines (and others), while running NetBSD-7.0_STABLE (amd64, i386, sparc) with 'dhcpcd', have not exhibited such messages. (Alas, there are some redmond-OS machines on my network--not by my choice....) I'm watching the interface with 'tcpdump' on one of the affected machines to see if I can get more information. -- |/"\ John D. Baker, KN5UKS NetBSD Darwin/MacOS X |\ / jdbaker[snail]mylinuxisp[flyspeck]com OpenBSD FreeBSD | X No HTML/proprietary data in email. BSD just sits there and works! |/ \ GPGkeyID: D703 4A7E 479F 63F8 D3F4 BD99 9572 8F23 E4AD 1645
