On 06.09.2016 14:18, André Paulsberg-Csibi (IBM Consultant) wrote:
It is long time since I used WinXP , and Win7 - Win8 has passed and now WinX is the only thing and most of their "garbage" packages was removed using the parameter in DHCP : option netbios-node-type 0x2; option wpad code 252 = text; option wpad "\n\000"; ( I cannot stop all their garbage , because they need it for their "sharing" tools ) But DHCP INFORM and HIP and other excessive BC I have not seen in my home for quite some time so I am pretty sure most is gone ... IF that does not stop it - try to google it , if it is not possible you may just have to live with blocking it ...
ok due to this at the beginning of iptables *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] and this at the end of iptables -A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7 -A FORWARD -j LOG --log-prefix "IP[FWD]: " --log-level 7 -A OUTPUT -j LOG --log-prefix "IP[OUT]: " --log-level 7 COMMITthese pakets are already dropped but they are also logged and fill the log not neccessarily;
so somewhere between this rule # Block HIP (Host Identity Protocol): prevent from logging -A INPUT -i br0 -p hip -j REJECT keeps from logging Thanks, Walter
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
