| 1 |
Hello list, |
| 2 |
|
| 3 |
I use net-firewall/shorewall to protect my machines; it's served me well for |
| 4 |
many years. My ISP gave me a FritzBox modem-router recently, in the hope of |
| 5 |
better media streaming, but it's spamming my LAN server with HTTP requests |
| 6 |
(port 80). The other machines are left alone; just this one is affected. |
| 7 |
|
| 8 |
The many log entries are not a serious problem, just a nuisance, but I'd |
| 9 |
rather not have to put up with them. |
| 10 |
|
| 11 |
AVM, the modem's maker, says I should set shorewall up on this machine to |
| 12 |
accept either port-80 requests or unsolicited packets of type 0x88e1. That |
| 13 |
type is HomePlug Management, apparently, and the FritzBox is looking for any |
| 14 |
such devices on the LAN. I don't know why it's picked on this one machine to |
| 15 |
query, unless it's because it has the lowest IP address. |
| 16 |
|
| 17 |
Questions: |
| 18 |
1. Will I be opening myself to external HTTP attacks if I open that port to |
| 19 |
the modem-router? I assume I will, though no such service is running - at the |
| 20 |
moment. |
| 21 |
2. As far as I can see, shorewall filters only on ports, not packet types. If |
| 22 |
so, how can I specify a packet type to it? |
| 23 |
3. Does anyone here know how to specify HomePlug in shorewall? |
| 24 |
|
| 25 |
Google hasn't helped much, nor has the Shorewall website, so I hope someone |
| 26 |
here has experience of this. |
| 27 |
|
| 28 |
-- |
| 29 |
Regards, |
| 30 |
Peter. |
Archives