Hello Tim,
The problem appears in pfSense Issue 2073
<https://redmine.pfsense.org/issues/2073>.
The APIPA address (autoIP 169.254) is not valid on the interface that's
logging the error. That may be blocked and logged by pfSense before the
user-defined rules are applied. Could the NAS be using the APIPA
addresses because it's not getting a response from DHCP? Did you try
assigning a fixed, valid address on the NAS to stop it from falling back
to 169.254? It might be better overall to address the root cause rather
than stopping the logging.
~Ed
On 2/22/2015 9:25 AM, Tim Hogan wrote:
Hello All,
I am using pfSense v2.2 and I have been seeing a bunch of firewall log
entries blocking traffic to the 169.254.0.0/16 netblock. This traffic
seems to be created by an older NAS that I have and I really do not
want these message in my logs. So, my thought was that I would create
a rule on my LAN to block that traffic and I would just make sure that
the "log traffic" option was unchecked. That did not work. When I
look at the log entry I see the following message.
The rule that triggered this action is:
@8(1000000102) block drop in log quick inet from any to 169.254.0.0/16
label "Block IPv4 link-local"
Where on earth is that rule so I can remove the log option? Or is
there a setting that I missed somewhere?
Thanks,
Tim
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
