Tim,
One more shot at this before I give up...
I created a sample rule using the GUI. Does your rule look like this one?
~Ed
On 2/23/2015 11:48 AM, Tim Hogan wrote:
Ed,
I have version 2.1.46.30093 installed on my NAS which is newer than
the link below. I have also discovered burred under the noise being
created by the NAS that I have one other device also generating the
same type of traffic, just not as often. This other device was my
Samsung Tablet and I found that if I turned off the media discovery
service on the table that the traffic stopped. I have disabled media
sharing on the NAS but the traffic is still being generated.
My point here is not to fix broken implementations that various
vendors put in place but instead my feeling that I should be able to
have some control over the "built-in" rules and prevent logging if I
so desire.
Regards,
Tim
On 2/23/2015 8:40 AM, Edward Servello wrote:
Hi again Tim,
Does your NAS device have the most recent firmware applied. I found
this article with a link to firmware on the Lenovo site.
https://lenovo-na-en.custhelp.com/app/answers/detail/a_id/24661/kw/2.1.38.22294/related/1
~Ed
On Mon, Feb 23, 2015 at 8:56 AM, Tim Hogan <[email protected]
<mailto:[email protected]>> wrote:
Ed,
I agree that it would be nice to be able to stop this at the
source however, the source is an iOmega ix-200d appliance. I have
manually set the IP address in the GUI but who knows how iOmega
has built this thing. I have noticed that this traffic does not
start right after a reboot. It takes a couple of minutes which
makes me think that there is some process that starts up that is
generating this traffic. But without control at the OS layer I do
not know how to stop it. So my option it to try and quite the
noise.
Regards,
Tim
On 2/22/2015 11:20 AM, Edward Servello wrote:
Hello Tim,
The problem appears in pfSense Issue 2073
<https://redmine.pfsense.org/issues/2073>.
The APIPA address (autoIP 169.254) is not valid on the
interface that's logging the error. That may be blocked and
logged by pfSense before the user-defined rules are applied.
Could the NAS be using the APIPA addresses because it's not
getting a response from DHCP? Did you try assigning a fixed,
valid address on the NAS to stop it from falling back to
169.254? It might be better overall to address the root cause
rather than stopping the logging.
~Ed
On 2/22/2015 9:25 AM, Tim Hogan wrote:
Hello All,
I am using pfSense v2.2 and I have been seeing a bunch of
firewall log entries blocking traffic to the
169.254.0.0/16 <http://169.254.0.0/16> netblock. This
traffic seems to be created by an older NAS that I have
and I really do not want these message in my logs. So, my
thought was that I would create a rule on my LAN to block
that traffic and I would just make sure that the "log
traffic" option was unchecked. That did not work. When I
look at the log entry I see the following message.
The rule that triggered this action is:
@8(1000000102) block drop in log quick inet from any to
169.254.0.0/16 <http://169.254.0.0/16> label "Block IPv4
link-local"
Where on earth is that rule so I can remove the log
option? Or is there a setting that I missed somewhere?
Thanks,
Tim
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
