Rule to target specific UDP traffic

sarky · April 6, 2022, 9:00am

Good Morning All

Just wondering how do I target this specific traffic, so I can add them to the list
without affecting my local network.

I have attached a screen shot showing same ip opened 2 connections to the router.

protocol UDP
on one SRC using port 80 —> Hitting DNS and basically saturating my link.

At the moment, I’m just monitoring the traffic and if I see an unusual traffic I am manually blocking
it thereafter the same thing happens again with a different SRC.

Thanks guys in advance

Sarky
Screenshot 2022-03-30 at 12.53.28.png

Sob · April 6, 2022, 11:38am

There’s traffic in both directions, do you have open resolver (= generally bad thing)? It would be good idea to fix that.

sarky · April 6, 2022, 12:30pm

Thanks

I don’t know why I didn’t think about the simplest method as just blocking external traffic to the DNS.

Added the rules, hopefully that should fix it.

Thanks again

Sarky

anav · April 6, 2022, 12:45pm

The default rules block WAN to Router traffic (including external DNS) and WAN to LAN traffic, what did you do to mess that up?