I'm using ufw, the "uncomplicated firewall", and have a fairly standard setup where everything except incoming port 22 (ssh) gets denied. However, my syslog gets filled up with tons of junk like this:
Code:
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=[scrubbed] SRC=[scrubbed] DST=255.255.255.255 LEN=207 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=187
which I believe are broadcast packets from CUPS printers on the network, etc. I would like to keep ufw logging enabled, but would like these events to stop appearing in the log. One simple solution is to just allow all packets destined to 255.255.255.255 (i.e. those destined to the standard limited broadcast address) which can be accomplished with
Code:
sudo ufw allow to 255.255.255.255
Is there any danger in allowing all incoming broadcast packets?
Thanks,
zeus77
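An added example, not part of the original post: before allowing or silencing anything sent to 255.255.255.255, it helps to see which protocols and ports the blocked broadcast traffic actually uses. This sketch parses log lines in the format quoted above and tallies them; the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the format shown in the post (addresses are made up).
SAMPLE_LOG = """\
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=192.0.2.10 DST=255.255.255.255 LEN=207 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=187
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:00:5e:00:53:02 SRC=192.0.2.11 DST=255.255.255.255 LEN=207 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=187
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:00:5e:00:53:03 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:00:5e:00:53:04 SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=40000 DPT=23 WINDOW=1024 SYN
"""

FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=VALUE pairs; VALUE may be empty (OUT=)


def parse_ufw_line(line):
    """Return the KEY=VALUE fields of a UFW BLOCK line, or None for other lines."""
    if "[UFW BLOCK" not in line:
        return None
    fields = {}
    for key, value in FIELD.findall(line):
        # LEN appears twice (IP length, then UDP length); keep the first.
        fields.setdefault(key, value)
    return fields


def broadcast_summary(log_text, broadcast="255.255.255.255"):
    """Count blocked packets sent to the broadcast address, keyed by (PROTO, DPT)."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_ufw_line(line)
        if fields and fields.get("DST") == broadcast:
            counts[(fields.get("PROTO"), fields.get("DPT"))] += 1
    return counts


if __name__ == "__main__":
    for (proto, dport), n in broadcast_summary(SAMPLE_LOG).most_common():
        print(f"{n:5d}  {proto} dport {dport}")
```

The tally shows what a blanket allow to 255.255.255.255 would admit. ufw does no per-rule logging by default, so an explicit `deny` rule scoped to one protocol and port drops that traffic without writing log entries.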