This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internal IP-Spoofing

Can't figure out why the packet filter log is filling up with 'IP-SPOOFING notifications. The source ip's are all of my internal ip's the distination is 10.0.0.255 all UDP to ports 137 and 138.

Anyone know how to stop this -- it is causing Astaro to stop accepting real requests.

Thanks in advance.

This thread was automatically locked due to age.

0 VelvetFog over 21 years ago in reply to enodev

Broadcast traffic is not supposed to leave your LAN. ASL log drops it by default. The problem with that, is that it fills up your logs. So, when you create the specific drop filters for your broadcast traffic, you are not dropping packets, since they are already being dropped, you are just changing the drop commands from "log drop" to "drop", which gets rid of the log entries.
Cancel
Vote Up 0 Vote Down

Cancel