I have a bridged network: 7 buildings, each with an MT box bridged so that clients can use the public IPs. We have 4 subnets of public IPs, but there appears to be a minor to critical broadcast storm.
0 ;;; Drop all broadcast
    mac-src-address=00:00:00:00:00:00 in-interface=all
    mac-dst-address=FF:FF:FF:FF:FF:FF out-interface=all mac-protocol=all
    src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=drop

1 ;;; Accept in/out traffic on WAN interface
    mac-src-address=00:00:00:00:00:00 in-interface=WAN
    mac-dst-address=00:00:00:00:00:00 out-interface=all mac-protocol=all
    src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=accept

2   mac-src-address=00:00:00:00:00:00 in-interface=all
    mac-dst-address=00:00:00:00:00:00 out-interface=WAN mac-protocol=all
    src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=accept

3 ;;; Block all traffic between LAN interfaces
    mac-src-address=00:00:00:00:00:00 in-interface=all
    mac-dst-address=00:00:00:00:00:00 out-interface=all mac-protocol=all
    src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=drop
First of all, with rule 0 enabled I am not able to surf the internet. When I disabled rule 0, the internet worked again. After surfing the web for a minute and then enabling rule 0 again, the internet works fine. Is there any way to prevent broadcast from leaving the MT box, or to prevent the broadcast storm?
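The post ends with an open question, so the following is an added example, not the poster's configuration or anything from the thread. Rule 0 above matches every frame with destination FF:FF:FF:FF:FF:FF, and ARP requests are exactly such frames: while the rule is active, no host can resolve a new MAC address, but entries already in the ARP cache keep working, which is consistent with the symptom described (internet works only if the rule is enabled after the caches have been filled). The rule set below keeps the useful broadcast (ARP requests, DHCP client messages), passes a bounded rate of everything else and drops the excess, instead of dropping all broadcast. It assumes the rules go in the forward chain (the poster's rules match on both in-interface and out-interface, which only the forward chain does), that the uplink port is named WAN as in the post, and that the limit value format is the one accepted by the RouterOS version in use; the numbers 50 pps / burst 100 are illustrative and must be tuned to the real traffic.

```routeros
# Added example, not the poster's config. Assumes: forward chain, uplink
# port named "WAN" (as in the post), limit syntax of the installed RouterOS
# version; the rate values are placeholders to be tuned.
/interface bridge filter

# ARP requests are broadcast frames; without them no host can learn the
# gateway MAC once its cache expires. Accept them explicitly.
add chain=forward mac-protocol=arp packet-type=broadcast action=accept \
    comment="Allow ARP requests (broadcast)"

# DHCP DISCOVER/REQUEST from clients are broadcast to UDP/67. Keep them
# if clients get addresses over DHCP; remove this rule if they are static.
add chain=forward mac-protocol=ip ip-protocol=udp dst-port=67 \
    packet-type=broadcast action=accept \
    comment="Allow DHCP client broadcasts"

# Everything else that is broadcast gets a rate budget instead of being
# dropped outright. packet-type=broadcast is the same match as the poster's
# mac-dst-address=FF:FF:FF:FF:FF:FF. (limit = average pps, burst; format
# depends on RouterOS version - assumption.)
add chain=forward packet-type=broadcast limit=50,100 action=accept \
    comment="Pass a bounded rate of other broadcast"
add chain=forward packet-type=broadcast action=drop \
    comment="Drop broadcast above the limit (storm control)"

# The poster's existing rules 1-3 (accept to/from WAN, drop LAN<->LAN)
# would follow here unchanged.
```

Order matters: bridge filter rules are evaluated top to bottom and the first match wins, so the ARP and DHCP accepts must sit above the rate limit, and the rate limit above the final drop. Use `/interface bridge filter print stats` to confirm that the ARP rule is accumulating matches and that the drop rule counts only the excess; if the drop counter climbs fast on one in-interface, that port is the storm's source and is the one to look at first.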