I think i have a little problem ?

Hi all
i have in my trafik a lot og block data?
2020-08-18 15:04:20 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:21 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:21 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 159 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:21 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:22 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 148 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:22 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:23 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 146 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:23 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 146 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:25 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:25 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 146 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:25 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:26 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:26 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 156 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:26 Deny 0.0.0.0 0.0.0.0 67/udp 0 0 1-WAN Firebox Denied 328 128 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:27 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 147 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:27 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 139 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:27 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 158 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:27 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 161 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:27 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 159 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:29 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 147 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:29 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 147 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:29 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:30 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 144 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:30 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:33 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 146 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:33 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:34 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:34 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 158 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:34 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 170 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:35 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 138 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:35 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 157 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:37 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:37 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 138 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:39 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 157 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:39 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 144 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:40 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 144 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:40 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 147 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:42 Deny 0.0.0.0 0.0.0.0 67/udp 0 0 1-WAN Firebox Denied 328 128 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:42 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:42 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 145 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:44 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 141 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:44 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 160 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:44 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 162 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic
2020-08-18 15:04:44 Deny 0.0.0.0 0.0.0.0 5678/udp 0 0 2-INET Firebox Denied 153 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic

I am trying to get ret of it but no luck? i am sure it is a network discovery from mikrotik but can i make a rule there allow this in my trust network?

Comments

  • You can turn it off in IP / Neighbors / Discovery Interfaces
    https://forum.mikrotik.com/viewtopic.php?t=19812

    You can add a Custom Packet filter for UDP 5678
    Add that as a policy, From: INET To: Firebox, set to Denied and in Logging set to not log.

  • Hi Bruce_Briggs
    Thanks for the answer.
    PT I have to have Neighbors / Discovery on until I have got all the interplan and routings in place, so I would allow it in the firewall so it was not so red all the time but even if I allow the gate it still comes out?

    Regards
    Jimmy

  • Not sure what you are asking here.

  • just to open Neighbors / Discovery so it not show up as red block?

  • Add the policy I suggested to not log these packets, and thus not see them in Traffic Monitor.

Sign In to comment.