1 |
Hello list, |
2 |
|
3 |
I use net-firewall/shorewall to protect my machines; it's served me well for |
4 |
many years. My ISP gave me a FritzBox modem-router recently, in the hope of |
5 |
better media streaming, but it's spamming my LAN server with HTTP requests |
6 |
(port 80). The other machines are left alone; just this one is affected. |
7 |
|
8 |
The many log entries are not a serious problem, just a nuisance, but I'd |
9 |
rather not have to put up with them. |
10 |
|
11 |
AVM, the modem's maker, says I should set shorewall up on this machine to |
12 |
accept either port-80 requests or unsolicited packets of type 0x88e1. That |
13 |
type is HomePlug Management, apparently, and the FritzBox is looking for any |
14 |
such devices on the LAN. I don't know why it's picked on this one machine to |
15 |
query, unless it's because it has the lowest IP address. |
16 |
|
17 |
Questions: |
18 |
1. Will I be opening myself to external HTTP attacks if I open that port to |
19 |
the modem-router? I assume I will, though no such service is running - at the |
20 |
moment. |
21 |
2. As far as I can see, shorewall filters only on ports, not packet types. If |
22 |
so, how can I specify a packet type to it? |
23 |
3. Does anyone here know how to specify HomePlug in shorewall? |
24 |
|
25 |
Google hasn't helped much, nor has the Shorewall website, so I hope someone |
26 |
here has experience of this. |
27 |
|
28 |
-- |
29 |
Regards, |
30 |
Peter. |