Carlos E. R. wrote:
I wasn't sure they were dhcp client broadcasts, though.
Okay. At least that answered in my first reply in the thread.
* if you're not sure if you need them, reject but log
It's a lot of noise.
Is that a problem?
For me, yes! I don't like noise in the logs. Hate it, actually.
Stop logging stuff :-)

That is perhaps a matter of personal attitude - when I (in code or in a firewall chain) end up in a situation I hadn't anticipated, I want to know about it. Repetitive lines can be suppressed by your syslog daemon.

All of my firewall scripts finish with these lines:

## log all traffic that comes this way
$IPTABLES -A INPUT -p all -j LOG --log-level debug --log-prefix 'input: '
$IPTABLES -A FORWARD -p all -j LOG --log-level debug --log-prefix 'forward: '

## Drop anything that is not explicitly allowed.
$IPTABLES -A INPUT -p all -j DROP
$IPTABLES -A FORWARD -p all -j DROP

-- 
Per Jessen, Zürich (15.8°C)
Member, openSUSE Heroes (2016 - present)
We're hiring - https://en.opensuse.org/openSUSE:Heroes
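
A small triage helper for the log-then-drop approach above, added here as an example and not part of the original post: it groups the lines written by the catch-all LOG rules by flow, so recurring traffic such as DHCP client broadcasts stands out from the packets nobody anticipated. The log lines are constructed samples and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: kernel lines as written by the LOG target, carrying the
# 'input: ' / 'forward: ' prefixes from the script above. Addresses are made up.
SAMPLE_LOG = """\
Oct 12 10:15:01 gw kernel: input: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:52:54:00:12:34:56:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Oct 12 10:15:05 gw kernel: input: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:52:54:00:12:34:56:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Oct 12 10:15:13 gw kernel: [ 812.40] input: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:52:54:00:12:34:56:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Oct 12 10:16:40 gw kernel: input: IN=eth0 OUT= MAC=52:54:00:aa:bb:cc:52:54:00:00:00:01:08:00 SRC=203.0.113.7 DST=192.0.2.1 LEN=44 TTL=240 ID=54321 PROTO=TCP SPT=51234 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0
Oct 12 10:17:02 gw kernel: forward: IN=eth1 OUT=eth0 MAC=52:54:00:aa:bb:cd:52:54:00:00:00:02:08:00 SRC=192.0.2.50 DST=198.51.100.9 LEN=60 TTL=63 ID=1111 DF PROTO=TCP SPT=40000 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Oct 12 10:17:03 gw sshd[812]: Accepted publickey for admin from 192.0.2.50
"""

# Optional "[uptime] " stamp, then the --log-prefix text, then KEY=value fields.
LINE_RE = re.compile(r"kernel: (?:\[[^\]]*\] )?(input|forward): (.*)")
FIELD_RE = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return the KEY=value fields of one firewall log line, or None."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    fields = dict(FIELD_RE.findall(m.group(2)))
    fields["CHAIN"] = m.group(1)
    return fields

def is_dhcp_client_broadcast(f):
    """DHCP client request: UDP 68 -> 67 sent to the limited broadcast address."""
    return (f.get("PROTO") == "UDP" and f.get("SPT") == "68"
            and f.get("DPT") == "67" and f.get("DST") == "255.255.255.255")

def summarize(text):
    """Count logged packets per flow, most frequent first."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f is None:
            continue  # not produced by the catch-all LOG rules
        label = "dhcp-client-broadcast" if is_dhcp_client_broadcast(f) else "unclassified"
        counts[(f["CHAIN"], f.get("IN", ""), f.get("SRC", ""), f.get("DST", ""),
                f.get("PROTO", ""), f.get("DPT", ""), label)] += 1
    return counts.most_common()

if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG):
        print(f"{n:5d}  " + " ".join(key))
```

Flows that end up labelled are candidates for an explicit rule placed ahead of the final LOG lines; whatever stays unclassified is the unanticipated traffic the catch-all is there to surface.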