Topic: Captive portal / spamming "tls clienthello on clear port" on console / ddos? (Read 590 times)
marirs, on December 08, 2023, 05:41:52 am
When captive portal is enabled and someone connects a device like an Amazon Echo or a Firestick or Google speaker, the console is spammed with messages like:
2023-12-07T22:35:47.183132-06:00 router lighttpd 86435 - - (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/h1.c.441) unexpected TLS ClientHello on clear port (10.102.80.10)
Each device seems to make a connection every ~second or so, so with multiple devices you get this message multiple times a second.
The problem seems to be that these devices are making requests to external IPs, and this is intercepted by the hotspot and redirected to the hotspot portal. I'm not sure if multiple devices will overload the hotspot web server.
The only solution I can think of is to ban clients that repeatedly do this, but I'm not sure how to set up the firewall rules to do this.
Any other solution or workaround?
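One way to measure which clients produce this message and at what rate, as an added example that is not part of the original post: it parses the lighttpd line quoted above and reports clients that exceed a rate threshold. The function name, threshold, window and the sample lines (built from the quoted message format) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches the lighttpd message quoted in the post; the client address is the
# value in the trailing parentheses. Lines from other daemons are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+\S+\s+lighttpd\s.*"
    r"unexpected TLS ClientHello on clear port \((?P<ip>[0-9a-fA-F.:]+)\)\s*$"
)

def noisy_clients(lines, threshold=5, window=timedelta(seconds=10)):
    """Return {ip: peak} for clients with >= threshold events in any sliding window."""
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    peak = defaultdict(int)       # highest in-window count seen per client
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            continue              # skip lines whose timestamp is not ISO 8601
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[m["ip"]] = max(peak[m["ip"]], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

def constructed_log():
    """Constructed sample: one client retrying every second, one single event."""
    base = datetime.fromisoformat("2023-12-07T22:35:47.183132-06:00")
    src = "(/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/h1.c.441)"
    msg = "{} router lighttpd 86435 - - {} unexpected TLS ClientHello on clear port ({})"
    lines = [
        msg.format((base + timedelta(seconds=i)).isoformat(), src, "10.102.80.10")
        for i in range(8)
    ]
    # 10.102.80.23 is a constructed second client that appears only once.
    lines.append(msg.format((base + timedelta(seconds=3)).isoformat(), src, "10.102.80.23"))
    lines.append("2023-12-07T22:35:50.000000-06:00 router configd 100 - - unrelated line")
    return lines

if __name__ == "__main__":
    for ip, n in sorted(noisy_clients(constructed_log()).items()):
        print(f"{ip}: up to {n} cleartext-port ClientHellos per 10 s")
```

The output is only a per-client rate; whether to block, rate-limit or allow-list those addresses remains a firewall policy decision.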