mDNS query packets ?
If I bring up wlan0 device (manualy; NM stopped) I can see in Wireshark mDNS outgoing packets. E.g.:
Standard query ANY:
my_station_name [a7:ce:09:03:cd:03]._workstation._tcp.local: type ANY, class IN, "QM" question
(type ANY - request for all records)
I have following questions and problems:
1. which app sends this packets ? Avahi-daemon ?
2. Is it the try to get IP address in ZeroConf or what ?
3. the port 5353 is hard-wired allowed in ufw - it is not possible to deny it in user chain! Why is it soooooo necessary ?
4. I'm changing MAC address of my wifi card direct in udev config, bud in the mDNS query packet is shown the real HW address a7:ce:09:03:cd:03.
So my try to be anonymous fails! My real MAC is shown in "Name:" attribute of this packets :-(
Why ? SHould I report this as Bug of mDNS app ? Which one ?
4a. BTW in NM is allways shown the real MAC address too ?! Why is changed MAC ignored by NM and where gets from NM the orig MAC at all ?
5. In Wireshark are shown only IPv6 broadcasts. Why are not send IPv4 too ?
6. How to disable entirely that sh.. ?
I don't know, what is it for in Linux - maybe only in Win/Mac heterogen networks ?
7. The package libavahi-client3 is necessary for almost any app in system ?!
So is here risk of sending such packets by any possible app ?