-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I have just noticed frequent rejection messages in the firewall log: <0.4> 2016-03-02 12:53:42 Telcontar kernel - - - [170676.016540] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:f8:1a:67:91:f4:22:08:00 SRC=192.168.1.5 DST=192.168.1.14 LEN=348 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=10277 LEN=328 The originator is a secondary router which I use to provide WiFi in my network. The destination is my desktop computer. The source port I can identify as "ssdp', but the destination port is not registered to any service. Should I open it, and would it give me any advantage? https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol The Simple Service Discovery Protocol (SSDP) is a network protocol based on the Internet Protocol Suite for advertisement and discovery of network services and presence information. It accomplishes this without assistance of server-based configuration mechanisms, such as the Dynamic Host Configuration Protocol (DHCP) or the Domain Name System (DNS), and without special static configuration of a network host. SSDP is the basis of the discovery protocol of Universal Plug and Play (UPnP) and is intended for use in residential or small office environments. It was formally described in an IETF Internet draft by Microsoft and Hewlett-Packard in 1999. Although the IETF proposal has since expired,[1] SSDP was incorporated into the UPnP protocol stack, and a description of the final implementation is included in UPnP standards documents.[2] (I find it strange to open a port such as 10277) I have started wireshark listening to traffic from 192.168.1.5, and I see it is sending those packages I see in the firewall, and others to 239.255.255.250, which I find strange. Must be a broadcast. Some data extracted by wireshark: 1 11:46:10.048629000 192.168.1.5 192.168.1.14 SSDP 362 HTTP/1.1 200 OK Frame 1: 362 bytes on wire (2896 bits), 362 bytes captured (2896 bits) on interface 0 Ethernet II, Src: Tp-LinkT_91:f4:22 (f8:1a:67:91:f4:22), Dst: Micro-St_16:2d:0b (00:21:85:16:2d:0b) Internet Protocol Version 4, Src: 192.168.1.5 (192.168.1.5), Dst: 192.168.1.14 (192.168.1.14) User Datagram Protocol, Src Port: 1900 (1900), Dst Port: 10277 (10277)Hypertext Transfer Protocol - -- Cheers Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlbW4asACgkQtTMYHG2NR9VMAgCfbEHs0gHiVyYoNjF5L34MDCyW yGEAnAlBXGqckPPEA+2UUbrht9gjg+zT =OZ5t -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org