Configure denial of service and block mobile on wifi
Hello,I have the Denial of Service Configuration function on the switch, it is set with default parameters.I have a WiFi Unifi AP AC RL connected to the switch, every moment it happens to me that the port where WiFi is connected is blocked.I get a message in the switch list:
<11> Jan 16 03:18:04 192.168.20.10-1 DOS [43327500]: dos_api.c (1844) 4979 %% Interface g19 has been shut down by Dos attack notification
I probably noticed the cause of the problem:
In the UniFi Controller in the WiFi settings there is an item:
- Multicast and broadcast filtering
when I check an item:
- Block multicast and broadcast data in the direction from LAN to WLAN
So they start getting the aforementioned message .... Can you explain to me why this is happening?
I have the module installed on my firewall:
- Suricata Network IDS, IPS and Network Security Monitoring engine and at the time of the incident I do not see any suspicious packets ....
Many thanks for any information that will lead to an understanding of my problem ..
- Block multicast and broadcast data in the direction from LAN to WLAN
Whatever is the idea to block traffic which is typically normal, and required here .... is multicast and broadcast evil or what? Just because the control does exist, it does not imply it's anyhting meaningful for a real-world network.
So they start getting the aforementioned message .... Can you explain to me why this is happening?
You are going to block things which require to be workable, and systems on your WLAN might go and repeat normal actions where answers are expected from the network, typically the local network, say for example ARP resolution, discovery, live video streams, ... and the client might repeat the "requests" heavily for example.
