Date: Tue, 11 Sep 2012 11:05:42 -0400 From: Brandon Allbery <allbery.b@gmail.com> To: Damien Fleuriot <ml@my.gd> Cc: "Shiv. Nath" <prabhpal@digital-infotech.net>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: PF Configuration - FreeBSD Release 9.0 x64 Message-ID: <CAKFCL4U8wN5vOZ7DRLLck5tpXFi9U_f=E8NSm7ieO-4TBqYHqQ@mail.gmail.com> In-Reply-To: <A41AC173-339A-49DB-9AAB-5079D6B1001C@my.gd> References: <504EF33A.7080304@digital-infotech.net> <A41AC173-339A-49DB-9AAB-5079D6B1001C@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 11, 2012 at 4:26 AM, Damien Fleuriot <ml@my.gd> wrote: > On 11 Sep 2012, at 10:15, "Shiv. Nath" <prabhpal@digital-infotech.net> > wrote: > > It is FreeBSD Release 9.0 x64 and i see this log very frequent almost > every second, And i want to block this IP from reaching my server. i > configured the PF as following but still see the same logs, it is like it > did not work. > > > > Sep 11 07:49:56 titan avahi-daemon[1567]: Received response from host > 41.211.2.239 with invalid source port 4331 on interface 'em0.0' > > It says it received a *response* so my understanding is *you* are trying > to connect. > But it's avahi (a zeroconf implementation) so the response is to a broadcast; the remote machine in question may also be broadcasting. I would actually question why avahi is even enabled on a server; perhaps the correct answer is simply to disable it in rc.conf. -- brandon s allbery allbery.b@gmail.com wandering unix systems administrator (available) (412) 475-9364 vm/sms
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKFCL4U8wN5vOZ7DRLLck5tpXFi9U_f=E8NSm7ieO-4TBqYHqQ>