As a learning experience I'm building a secure web/Email server on a Raspberry Pi V4. I have it basically running but in looking at the sys/log file I see many records like the following:
Jul 31 14:04:17 EMail kernel: [ 1023.038514] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b8:27:eb:1f:9e:50:08:00 SRC=10.0.7.95 DST=10.0.7.255 LEN=78 TOS=0$ $PROTO=UDP SPT=5353 DPT=5353 LEN=53
My LAN IP address are 10.0.7.0/24. Is there an IPTables rule I can add for both TCP and UDP which will allow LAN computers to access other LAN addresses? Is it safe? Actually it is not clear to me why this Pi (10.0.7.92) would even be seeing this traffic? Right now I have these LAN based IPTables rules:
ACCEPT udp -- 10.0.7.0/24 anywhere udp dpt:netbios-ns
ACCEPT udp -- 10.0.7.0/24 anywhere udp dpt:netbios-dgm
ACCEPT tcp -- 10.0.7.0/24 anywhere tcp dpt:netbios-ssn
ACCEPT tcp -- 10.0.7.0/24 anywhere tcp dpt:microsoft-ds
Thanks for any comments and suggestions....RDK