Hello,
I have here a strange blocking message about SSDP Protokoll Port 1900 from host which shouldn't exist there. My network topology is as of:
Internet
|
|
Provider IP
|
Cable Modem (Web API 192.168.0.1)
| |
| +-- 192.168.0.10 pfsense (old Setup, to be replaced)
|
+-- 192.168.0.111 (WAN)
OPNsense (current setup)
Dst '239.255.255.250' is the multicast SSDP adress with port 1900 (see [Simple Service Discovery Protocol](https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol)) which I want to silent block next time; but, where from comes the source IP? There should be only the two from the senses, there is no WLAN on cable modem active!
Anyway, does the pf rule attached do the job (no idea about netmask and brastcast 'IP's)?