[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Many IANA UPnP broadcasts... ?

Since 4 days my pf logs are filled with thousands of lines generated by
blocked broadcasts from IANA ip4 ranges. At least I think they are
broadcasts from IANA. The source port continuously shifts one up but
the destination port stays the same `1900', all packets with a ttl of
1.  I honestly don't know why they are broadcasting these to me.

I may be misunderstanding you, and my apologies if I have, but 169.254/16 isn't an IANA IP4 range in the sense that they use it. It is IANA reserved for RFC 3330, which describes link-local addresses. Several OSes (like Windows and OSX) use link-local for DHCP fallback. But this traffic isn't coming from the IANA at all.

Below I pasted some entry's from my pf log, would be great of someone
could elaborate on what to do next.

You may want to drop link-local, along with RFC1918, at your border router.

cheers, Matt