Topic: Broadcast flood generated by firewall (Read 2716 times)
Andreas_ (Jr. Member, Posts: 63, Karma: 1)
on: November 23, 2018, 05:46:24 pm
There are some smartphones that will connect via wireless to one LAN or another, depending on app needs. Apparently, iOS phones may remember the old IP address and send out UDP broadcasts for quite some stuff (SMB, Dropbox, Spotify) using the old IP address (network A) on a LAN that has another network B.
Even if the iPhone is disconnected, about 4000 packets/s are still broadcast, originating from the firewall's B network, but broadcasting A-sourced packets.
I have invented block rules
- for specific UDP ports
- for 255.255.255.255 destination
- for any packets that don't originate from that interface's network
Still, these broadcast storms from the firewall persist.
To stop the storm, I need to issue pfctl -d ; pfctl -e
I'm running out of ideas.
CARP/pfsync pair of OPNsense; sometimes the master is the source of the broadcasts, sometimes the backup.
Does anybody have a clue for me?
Regards
Andreas
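One way to confirm from a capture that a flood matches the description above (UDP broadcasts on network B carrying network-A source addresses), as an added example that is not part of the original post. The subnets, addresses, ports and `tcpdump -n -tt` lines are constructed, and `foreign_broadcasts` is a hypothetical helper name.

```python
import ipaddress
import re
from decimal import Decimal

# Constructed `tcpdump -n -tt` lines; 192.168.10.0/24 stands in for network A,
# 192.168.20.0/24 for network B (the interface being watched).
SAMPLE = """\
1542991584.000000 IP 192.168.10.57.17500 > 255.255.255.255.17500: UDP, length 132
1542991584.000100 IP 192.168.20.30.17500 > 192.168.20.255.17500: UDP, length 132
1542991584.000250 IP 192.168.10.57.57621 > 192.168.20.255.57621: UDP, length 44
1542991584.000400 ARP, Request who-has 192.168.20.1 tell 192.168.20.30, length 46
1542991584.000500 IP 192.168.10.57.17500 > 255.255.255.255.17500: UDP, length 132
1542991584.000600 IP 192.168.10.57.40000 > 192.168.20.1.40001: UDP, length 40
1542991584.000750 IP 192.168.10.57.57621 > 192.168.20.255.57621: UDP, length 44
1542991584.001000 IP 192.168.10.57.17500 > 255.255.255.255.17500: UDP, length 132
""".splitlines()

LINE_RE = re.compile(r"^(\d+\.\d+) IP (\d+(?:\.\d+){3})\.(\d+) > "
                     r"(\d+(?:\.\d+){3})\.(\d+): UDP")
LIMITED = ipaddress.ip_address("255.255.255.255")


def foreign_broadcasts(lines, iface_net):
    """Summarise UDP broadcasts whose source is outside iface_net."""
    net = ipaddress.ip_network(iface_net)
    seen = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ARP, non-UDP or malformed lines
        ts, src, dst = Decimal(m[1]), ipaddress.ip_address(m[2]), ipaddress.ip_address(m[4])
        if dst not in (LIMITED, net.broadcast_address) or src in net:
            continue  # unicast, or a legitimate sender on this network
        rec = seen.setdefault(str(src), {"count": 0, "first": ts, "last": ts, "ports": set()})
        rec["count"] += 1
        rec["last"] = ts
        rec["ports"].add(int(m[5]))
    report = {}
    for src, rec in seen.items():
        span = rec["last"] - rec["first"]
        # Rate over the intervals between first and last packet; 0 if only one seen.
        pps = int((rec["count"] - 1) / span) if span > 0 else 0
        report[src] = {"count": rec["count"], "pps": pps, "ports": sorted(rec["ports"])}
    return report

if __name__ == "__main__":
    for src, info in foreign_broadcasts(SAMPLE, "192.168.20.0/24").items():
        print(src, info)
```

Running it against captures taken on both the master and the backup shows which node is emitting the foreign-sourced broadcasts at a given moment.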