Firewall blocked remote IP address 0.0.0.0
Updated: 31 May 2010 | 8 comments
Hi,
i am a bit confused why the logs from SEP Manager always show that remote IP address 0.0.0.0 is blocked by firewall as per attached image. Can someone explain to me?
Thanks
discussion Filed Under:
Comments
I see the same, just haven't
I see the same, just haven't had the time to look into it. I would also like an explanation.
x3
x3
My sites - http://theamcpages.com & http://antique-engines.com
Toy:
Shadow:
Maybe this can help...
Thank Steve Jobbs for this one... Well, alright Stuart Cheshire, but all the same...
Also good to note, this draft has been submitted 6 times. First appearing in November 2001 and lastly in February 2008 by S. Cheshire of Apple Computer corporation - RFC 5227.
* * * * * * * *
QUOTED FROM A DRAFT LISTED BELOW... (Point 1.1 Paragraph 3)
In this document, the term "ARP Probe" is used to refer to an ARP Request packet, broadcast on the local link, with an all-zero 'sender IP address'. The 'sender hardwaremaddress' MUST contain the hardware address of the interface sending the packet. The 'sender IP address' field MUST be set to all zeroes, to avoid polluting ARP caches in other hosts on the same link in the case where the address turns out to be already in use by another host. The 'target hardware address' field is ignored and SHOULD be set to all zeroes. The 'target IP address' field MUST be set to the address being probed. An "ARP Probe" conveys both a question ("Is anyone using this address?") and an implied statement ("This is the address I intend to use.").
* * * * * * * * *
Feel free to read the part of or the whole of the draft around the 0.0.0.0 Reserved address submitted here.
http://tools.ietf.org/html/draft-cheshire-ipv4-acd-00
All 6 drafts and RFC 5227 included in various formats...
That's cool - but why do we
That's cool - but why do we see those in the SEP logs - what's causing SEP to block them?
Is this an Apple thing? Like some protocol Apple devices, printers, etc. use?? We have some printers that haven't been properly configured and the Netware and Appletalk protocols are active on them..............
(why is it that some folks just plain know so much stuff!)
My sites - http://theamcpages.com & http://antique-engines.com
Toy:
Shadow:
PS - also curious when I have
PS - also curious when I have no rules in the firewall on these test computers to block anything. There's only a couple rules even checked, and they both say "allow".
No rules block, the two rules enables say to allow all.
So can you suggest what might be telling SEPs firewall to block these things? OR, are those log entires really from the firewall or something else?
Curious.........
My sites - http://theamcpages.com & http://antique-engines.com
Toy:
Shadow:
Windows vista machines ahve
Windows vista machines ahve ip v6 enabled by default . please disable that . I have seen by disabliing ipv6 these logs don't come.
It's disabled in our
It's disabled in our case.......... we've only 2 or 3 Vista computers, IPv6 was disabled weeks ago.................
My sites - http://theamcpages.com & http://antique-engines.com
Toy:
Shadow:
Firewall blocked remote IP address 0.0.0.0
Does this mean that the SEP Firewall will always block ARP broadcast? How to avoid this for non Microsoft Vista desktop?
Would you like to reply?
Login or Register to post your comment.