Page 1 of 1

UFW logging and blocks

Posted: 18 Nov 2016 16:30
by bin
My logs are getting a lot of :-

[UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:01:router mac address:08:00 SRC=192.168.1.254 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=30122 DF PROTO=2

in my message logs.

From what I can fathom by searching this is something to do with Multicast and UFW.

Now, my machine is on a home network with a stock NAT ISP supplied router with all inbound ports blocked. Once in a blue moon it goes on my Mifi device if in use away from home - that also uses a private network address.

So - the question is do I really need UFW on all the time. I have no need for Multicast that I'm aware of.

Thanks

Re: UFW logging and blocks

Posted: 18 Nov 2016 21:40
by kurotsugi
I'd say having additional security layer technically is better. there's no harm having ufw enabled so we can leave it enabled.