Is it possible to drop packets based on payload in freenas?

[dcorwin822]

So every so often my freenas install generates a mDNS packet which causes my LG tv to generate a prompt for a pairing key. This greatly annoys the wife while she watches her Netflix. This in turn means I get yelled at to fix it.

I have FreeNAS in a mixed Windows and OSX environment at home.

Using wireshark I captured the packet that FreeNAS generated:
"1136968 2886.409265 192.168.1.1 224.0.0.251 MDNS 85 Standard query 0x0000 PTR _lg_dtv_wifirc._tcp.local, "QM" question"

For me my simple fix would just be to use iptables to drop mDNS packets with the "_lg_dtv_wifirc" in the payload. But FreeNAS doesn't have iptables. So that being said how would you go about solving the issue at hand?

 

[Chris Moore]

What is making this packet? FreeNAS would not be doing this. Do you have some jails that might be the source of the problem?

 

[dcorwin822]

I have zero jails. I use it for timemachine afp and smb shares. I have one VM running Ubuntu Server as a pi-hole.

I per the wire shark capture it looks like freenas 192.168.1.1 is sending a mDNS request to broadcast 224.0.0.251

 

[otpi]

This greatly annoys the wife while she watches her Netflix. This in turn means I get yelled at to fix it.

I can relate to this. We should start a support group for those who "get yelled at to fix things"...

 

[Chris Moore]

I have zero jails. I use it for timemachine afp and smb shares. I have one VM running Ubuntu Server as a pi-hole.

I per the wire shark capture it looks like freenas 192.168.1.1 is sending a mDNS request to broadcast 224.0.0.251

It must be something about the way you have your FreeNAS configured because there should be no reason for this to happen. I have an LG smart TV and neither of my two FreeNAS systems is sending anything to my TV.

causes my LG tv to generate a prompt for a pairing key.

What is it that needs to be re-paired. The idea that a pairing key is being asked for indicates that something is paired with the TV. What is it?

 

[DrKK]

Why would the FreeNAS be on 192.168.1.1? Normally that would be your router/gateway. Are you certain?

FreeNAS *does* send mDNS packets, btw.

 

[dcorwin822]

Why would the FreeNAS be on 192.168.1.1? Normally that would be your router/gateway. Are you certain?

FreeNAS *does* send mDNS packets, btw.

Subnet is /22.

It must be something about the way you have your FreeNAS configured because there should be no reason for this to happen. I have an LG smart TV and neither of my two FreeNAS systems is sending anything to my TV.

What is it that needs to be re-paired. The idea that a pairing key is being asked for indicates that something is paired with the TV. What is it?

Let me see if I can get a snippet of a WireShark log. TV shouldn’t have anything paired to it. It was factory reset and I’m still getting pairing messages when freenas sends a specific mDNS broadcast.

 

[Chris Moore]

TV shouldn’t have anything paired to it. It was factory reset and I’m still getting pairing messages when freenas sends a specific mDNS broadcast.

That may be a faulty monitor / TV.

 

[dcorwin822]

That may be a faulty monitor / TV.

If so how can I get freenas to drop a mDNS packet with a specific payload?

 

[SweetAndLow]

Does this happen if you turn off the afp share?

 

[dcorwin822]

Does this happen if you turn off the afp share?

Heh now that you say that I think it’s when it started. Let me disable AFP and I’ll report back.

Disabled the service but did not remove the shares.

 

[SweetAndLow]

I am not an apple expert, I actually hate their products. But I think they use a form of zeroconf(Bonjour) and that is how timemachine probably works. If this is the problem at least we have narrowed it down to afp and apple. Might give you a better search query to see if anyone else has issues with LG and apple zeroconf.

 

[DrKK]

Subnet is /22.

OK, but I'm not sure that's responsive to what I was asking. Your FreeNAS is literally at 192.168.1.1?

 

[jgreco]

OK, but I'm not sure that's responsive to what I was asking. Your FreeNAS is literally at 192.168.1.1?

It's totally responsive. It means his first address in the range is 192.168.0.0, first usable is 192.168.0.1, probably his router. Unless he's a last-usable guy.

In such a case, 192.168.1.1 is about a quarter of the way into the usable address space, right after 192.168.0.255 and 192.168.1.0. I would call this "quaint" but it's certainly fine to do.

 

[dcorwin822]

It's totally responsive. It means his first address in the range is 192.168.0.0, first usable is 192.168.0.1, probably his router. Unless he's a last-usable guy.

In such a case, 192.168.1.1 is about a quarter of the way into the usable address space, right after 192.168.0.255 and 192.168.1.0. I would call this "quaint" but it's certainly fine to do.

Quaint... I like it!

OK, so disabling AFP did the trick.

So far I've only found two other incidents on the web
https://www.avforums.com/threads/1577012/
help.infinitekind.com/discussions/problems/4392

 

[HolyK]

If you need AFP you could try to disable zeroconf (Bonjour) ( zeroconf = no ). It will stop network announcing so clients will not get your shares advertised automatically but manual setup should still work OK.

 

[dcorwin822]

Well in a strange turn of events; everything is working well now. I'm not sure what was going on but restarting the AFP seems to have fixed my issue. I'm no longer getting prompts, Time machine and AFP shares seem to be working correctly.