Flood of ”peer a.b.c.d:port is not from a LAN” in syslog
After upgrading from Xenial to Bionic, my syslog is being spammed by minissdpd. From today’s syslog going back three hours:
15.05 jani@saegusa:~$ grep ”is not from a LAN” /var/log/syslog | tail
Mar 23 15:03:30 saegusa minissdpd[1990]: peer 192.168.1.4:39280 is not from a LAN
Mar 23 15:03:33 saegusa minissdpd[1990]: message repeated 3 times: [ peer 192.168.1.4:39280 is not from a LAN]
Mar 23 15:03:36 saegusa minissdpd[1990]: peer 192.168.1.10:13206 is not from a LAN
Mar 23 15:03:36 saegusa minissdpd[1990]: peer 192.168.1.10:13206 is not from a LAN
Mar 23 15:03:51 saegusa minissdpd[1990]: peer 192.168.1.1:32769 is not from a LAN
Mar 23 15:04:21 saegusa minissdpd[1990]: message repeated 39 times: [ peer 192.168.1.1:32769 is not from a LAN]
Mar 23 15:04:29 saegusa minissdpd[1990]: peer 192.168.1.10:13206 is not from a LAN
Mar 23 15:04:29 saegusa minissdpd[1990]: peer 192.168.1.10:13206 is not from a LAN
Mar 23 15:04:50 saegusa minissdpd[1990]: peer 192.168.1.1:32769 is not from a LAN
Mar 23 15:04:51 saegusa minissdpd[1990]: message repeated 19 times: [ peer 192.168.1.1:32769 is not from a LAN]
15.05 jani@saegusa:~$ grep -c ”is not from a LAN” /var/log/syslog
1623
192.168.1.0 is my LAN.
According to the upstream report [1], specifying an interface should get rid of the ”not from a LAN” messages, and I can confirm that adding ”-i eth1” to the value of MiniSSDPd_OTHER_OPTIONS in /etc/default/minissdpd does just that. I don’t know how good a solution adding a fixed interface is though, I’d imagine switching to (e.g.) a wifi interface on a system with multiple interfaces would cause the message flood to reappear.
*[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890584