Menu
What's new
By:
Filters Better Search

169.254.7.119 and 192.168.49.1 going to internet?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

O

OzTechGeek

New Around Here
Hi,

First time poster long-long time reader

I just rebuilt my network and replaced my gateway with an EdgeRouter, as part of my testing I have blocked all internet traffic outbound, but I noticed all 5 of my Asus routers on Merlin 380.65 are trying to connect via the internet (eth0) to 169.254.7.119 and 192.168.49.1, the Asus routers are all setup in AP mode only, and I thought I had disabled everything but they are continuously flodding the firewall with these requests:

DST=169.254.7.119
PROTO=TCP
DPT=63444

DST=192.168.49.1
PROTO=ICMP
PROTO=UDP
DPT=1008

Has anybody seen this before or know where it is coming from?

Thanks
 
First one is probably from avahi. Second one I'm not sure, because you mention both UDP and ICMP - it's either one or the other.

Note that if they are in AP mode, then they don't "connect to the Internet", since they have no separate notion of a WAN and a LAN. All ports are considered to be part of a LAN.
 
EdgeRouter Log Entry for 192.168.49.1

Code: 
[WAN_OUT-130-D]IN=switch0 OUT=eth0 MAC=80:2a:a8:5c:09:2f:f0:79:59:d7:bb:68:08:00 SRC=10.10.254.247 DST=192.168.49.1 LEN=329 TOS=0x00 PREC=0xC0 TTL=63 ID=35606 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.49.1 DST=10.10.254.247 LEN=301 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=45619 DPT=1008 LEN=281 ]
 
169.254.0.0/16 is non-routable - it's a link-local block only, and it does not go outside the LAN.

This is not Avahi/Bonjour traffic - but it could be internal multi-cast stuff - I see this with DirecTV whole-home DVR and the mini-boxes for other TV's...

The 192.168.0.0/16 block - on the Gateway - this is client traffic trying to go out to the internet, so take a look at the IP address in question, and see what it's trying to do.

If the Asus devices are AP mode only - nothing to worry about - the ERL will put the appropriate rules in place to allow/deny the traffic.
 
How can I stop this service from running:

"miniupnpc -m br0 -t"

every time I kill it the connection for the IPA via netstat drops

Also looking at disabling mDNSNetMonitor, lpd and any other services I don't need. cannot find how or where these get started
 
You must log in or register to reply here.

Similar threads

M
IPv6 and Router Advertisement adding route to delegated /56 via WAN interface
Replies
0
Views
241
MrC99
M
E
Need help with system log interpretation
Replies
1
Views
963
Tech9
Tech9
TheAccountOfTeo997
Inbound firewall rules appear to be getting ignored (RT-AX88U on 388.1)
Replies
0
Views
1K
TheAccountOfTeo997
TheAccountOfTeo997
N
Connecting an ax58u to a BT homehub 5, via a lan port, and not getting internet access.
Replies
3
Views
123
ColinTaylor
C
O
Assigned IP address to the WAN interface via VPN director: no internet connection - why?
Replies
1
Views
191
OB1
O
Similar threads
Thread starter Title Forum Replies Date
J Device all of a sudden is assigning itself a 169.254 IP address when coming out of standby Asuswrt-Merlin 36

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 614 (members: 9, guests: 605)
Top