On 19/03/14 13:46, Moshe Katz wrote:
On Mar 19, 2014 7:59 AM, "Brian Caouette" <bri...@dlois.com
<mailto:bri...@dlois.com>> wrote:
>
>
>
>
> -------- Original Message --------
> Subject:
> Firewall Log
> Date:
> Thu, 13 Mar 2014 12:48:33 -0400
> From:
> Brian Caouette <bri...@dlois.com <mailto:bri...@dlois.com>>
> To:
> pfSense support and discussion <list@lists.pfsense.org
<mailto:list@lists.pfsense.org>>
>
>
> Also seeing this in the log:
>
> Mar 13 11:37:36
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 11:37:35
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 11:37:34
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 10:38:46
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 10:38:44
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 10:38:43
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 09:58:24
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
> Mar 13 09:58:23
> WAN
> 0.0.0.0:68 <http://0.0.0.0:68>
> 255.255.255.255:67 <http://255.255.255.255:67>
> UDP
>
That is DHCP request traffic from some other device on the WAN. In
practice, most providers block this traffic from reaching you so that
you don't cause a DoS against other hosts on the network by giving out
random IP addresses that are not in the correct subnet for this
network. If you have done of your own devices on the WAN side, then
it is most likely that this is a normal DHCP request from one of
them. Otherwise, your ISP is either very trusting of its users or has
misconfigured something.
Moshe
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
If you are on a DOCSIS this is normal.
There is no way for the provider to block traffic on a local loop
between clients.
It's just one big collision/broadcast domain.
Best regards
Matthias
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list