Hello list, I use net-firewall/shorewall to protect my machines; it's served me well for many years. My ISP gave me a FritzBox modem-router recently, in the hope of better media streaming, but it's spamming my LAN server with HTTP requests (port 80). The other machines are left alone; just this one is affected.
The many log entries are not a serious problem, just a nuisance, but I'd rather not have to put up with them. AVM, the modem's maker, says I should set shorewall up on this machine to accept either port-80 requests or unsolicited packets of type 0x88e1. That type is HomePlug Management, apparently, and the FritzBox is looking for any such devices on the LAN. I don't know why it's picked on this one machine to query, unless it's because it has the lowest IP address. Questions: 1. Will I be opening myself to external HTTP attacks if I open that port to the modem-router? I assume I will, though no such service is running - at the moment. 2. As far as I can see, shorewall filters only on ports, not packet types. If so, how can I specify a packet type to it? 3. Does anyone here know how to specify HomePlug in shorewall? Google hasn't helped much, nor has the Shorewall website, so I hope someone here has experience of this. -- Regards, Peter.
