Firewall block spam

The firewall is constantly blocking connections.
What is the problem?

21:18:42 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=57108 DF PROTO=2 
21:18:42 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=57108 DF PROTO=2 
21:18:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=53433 DF PROTO=2 
21:17:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=40195 DF PROTO=2 
21:17:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=12793 DF PROTO=2 
21:16:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=54036 DF PROTO=2 
21:16:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37455 DF PROTO=2 
21:15:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37178 DF PROTO=2 
21:15:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=19973 DF PROTO=2 
21:14:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=58356 DF PROTO=2 
21:14:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37621 DF PROTO=2 
21:13:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=16533 DF PROTO=2 
21:13:12 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=33:33:00:00:00:01:2c:91:ab:5a:cf:03:86:dd SRC=fe80:0000:0000:0000:2e91:abff:fe5a:cf03 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
21:13:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=15132 DF PROTO=2 
21:12:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=64371 DF PROTO=2 
21:12:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=60642 DF PROTO=2 
21:11:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=33506 DF PROTO=2 
21:11:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=8180 DF PROTO=2 
21:10:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=54103 DF PROTO=2 
21:10:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=48197 DF PROTO=2 
21:09:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=20083 DF PROTO=2 
21:09:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=3712 DF PROTO=2 
21:08:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=62809 DF PROTO=2 
21:08:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=48086 DF PROTO=2 
21:07:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=39526 DF PROTO=2 
21:07:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=31403 DF PROTO=2 
21:06:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=7116 DF PROTO=2 
21:06:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=65178 DF PROTO=2 
21:05:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=45376 DF PROTO=2 
21:05:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=27577 DF PROTO=2 
21:04:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=13648 DF PROTO=2 
21:04:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=4619 DF PROTO=2 
21:03:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=54877 DF PROTO=2 
21:03:12 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=33:33:00:00:00:01:2c:91:ab:5a:cf:03:86:dd SRC=fe80:0000:0000:0000:2e91:abff:fe5a:cf03 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
21:03:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=52969 DF PROTO=2 
21:02:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=47721 DF PROTO=2 
21:02:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=42891 DF PROTO=2 
21:01:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=16054 DF PROTO=2 
21:01:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=51869 DF PROTO=2 
21:00:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=38016 DF PROTO=2 
21:00:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37583 DF PROTO=2 
20:59:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37409 DF PROTO=2 
20:59:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=21040 DF PROTO=2 
20:58:41 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=3386 DF PROTO=2 
20:58:12 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=59567 DF PROTO=2 
20:58:00 kernel: tg3 0000:0a:00.0 enp10s0: Flow control is off for TX and off for RX

Well…that is what it is supposed to do. :nerd_face:

It looks like your router is generating a bunch of multicast traffic.


Is this a cause for concern, is the router defective?
I suspected I was being hacked…

It is most likely avahi/zeroconf/mDNS.
Try to open UDP IN port 5353 and check with Wireshark that it is mDNS traffic (filter dns and udp.port eq 5353).

Not likely. Multicast traffic is typically some type of network discovery.

While it theoretically could be used in an attack, it is much more likely to be something mundane.

This is a short recording

230	43.015577876	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	211	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
231	43.015619811	192.168.178.21	224.0.0.251	MDNS	191	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
232	43.015663664	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	113	Standard query response 0x0000 AAAA, cache flush 2a02:810a:8b00:3aac:6112:2f10:80cd:2426
233	43.015706160	192.168.178.21	224.0.0.251	MDNS	109	Standard query response 0x0000 A, cache flush 192.168.178.21 AAAA, cache flush 2a02:810a:8b00:3aac:6112:2f10:80cd:2426
234	43.266330747	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	211	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
235	43.266387288	192.168.178.21	224.0.0.251	MDNS	191	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
236	43.517510183	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	211	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
237	43.517591672	192.168.178.21	224.0.0.251	MDNS	191	Standard query 0x0000 ANY a.7.b.7.a.3.3.b.d.9.2.a.f.5.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f.ip6.arpa, "QM" question ANY I-NET.local, "QM" question AAAA fd00::285f:a29d:b33a:7b7a PTR I-NET.local
238	43.517687182	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	113	Standard query response 0x0000 AAAA, cache flush 2a02:810a:8b00:3aac:6112:2f10:80cd:2426
239	43.517786034	192.168.178.21	224.0.0.251	MDNS	109	Standard query response 0x0000 A, cache flush 192.168.178.21 AAAA, cache flush 2a02:810a:8b00:3aac:6112:2f10:80cd:2426
241	43.717670218	192.168.178.21	224.0.0.251	MDNS	179	Standard query response 0x0000 PTR, cache flush I-NET.local AAAA, cache flush fd00::285f:a29d:b33a:7b7a
242	43.717808184	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	199	Standard query response 0x0000 PTR, cache flush I-NET.local AAAA, cache flush fd00::285f:a29d:b33a:7b7a
243	44.166941413	fd00::285f:a29d:b33a:7b7a	ff02::fb	MDNS	199	Standard query response 0x0000 PTR, cache flush I-NET.local AAAA, cache flush fd00::285f:a29d:b33a:7b7a
244	44.167038379	192.168.178.21	224.0.0.251	MDNS	179	Standard query response 0x0000 PTR, cache flush I-NET.local AAAA, cache flush fd00::285f:a29d:b33a:7b7a

Yeah, that looks like mDNS traffic.

So it’s safe?

mDNS traffic is normal, yes.

OK.
Thank you very much for your help.


If you do not use mDNS and do not want to see it in the logs you can explicitly drop it.
According to this.

sudo ufw deny from SRC=192.168.178.1 to 224.0.0.1

I have entered your rule.
However, I had to enter it via the GUI; in the terminal it complained “bad source address”.

Sorry, I did not check the source on the link. The SRC= part should not be there; only the IP address.
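As an added example (not code from the thread, from UFW, or from any of the posters), the Python script below triages the kind of log lines shown in the first post: it parses the KEY=VALUE fields of each [UFW BLOCK] line, checks whether the blocked destination is a multicast group, labels the well-known groups (224.0.0.1 is the all-hosts group that receives IGMP membership queries, 224.0.0.251 and ff02::fb are mDNS, ff02::1 is IPv6 all-nodes), and builds the ufw deny rule from bare addresses, as the last reply corrects. The sample log excerpt is constructed: three lines follow the format of the posted log and a fourth is a constructed mDNS line that does not appear in the thread; the group names and labels are assumptions made for this example.

```python
"""Triage UFW BLOCK log lines: is the blocked traffic multicast, and which group is it?

Added example, not code from the forum thread. SAMPLE_LOG is constructed for
this example in the format of the lines posted in the thread.
"""
import ipaddress
import re

# Protocol names as they appear in the PROTO= field of netfilter/UFW log lines;
# numeric values are IP protocol numbers (2 = IGMP, 1 = ICMP).
PROTO_NAMES = {"1": "ICMP", "2": "IGMP", "TCP": "TCP", "UDP": "UDP", "ICMPv6": "ICMPv6"}

# Labels for well-known multicast groups (assumed for this example).
KNOWN_GROUPS = {
    "224.0.0.1": "all-hosts (IGMP membership queries from the router)",
    "224.0.0.251": "mDNS",
    "ff02::1": "all-nodes link-local",
    "ff02::fb": "mDNS",
}

FIELD_RE = re.compile(r"(\w+)=(\S*)")

# Constructed excerpt: the first three lines follow the format of the posted log,
# the fourth is a constructed mDNS query that is not in the thread.
SAMPLE_LOG = """\
21:18:42 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=57108 DF PROTO=2
21:18:11 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:01:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=53433 DF PROTO=2
21:13:12 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=33:33:00:00:00:01:2c:91:ab:5a:cf:03:86:dd SRC=fe80:0000:0000:0000:2e91:abff:fe5a:cf03 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24
21:10:00 kernel: [UFW BLOCK] IN=enp10s0 OUT= MAC=01:00:5e:00:00:fb:2c:91:ab:5a:cf:03:08:00 SRC=192.168.178.21 DST=224.0.0.251 LEN=191 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=171
20:58:00 kernel: tg3 0000:0a:00.0 enp10s0: Flow control is off for TX and off for RX
"""


def parse_ufw_line(line):
    """Return the KEY=VALUE fields of a '[UFW BLOCK]' line as a dict, or None
    for lines that are not UFW block records (e.g. the tg3 driver message)."""
    if "[UFW BLOCK]" not in line:
        return None
    fields = {}
    for key, value in FIELD_RE.findall(line.split("[UFW BLOCK]", 1)[1]):
        # IPv6 UDP lines carry LEN= twice (IP payload and UDP length); keep the first.
        fields.setdefault(key, value)
    return fields


def classify(fields):
    """Describe one parsed block record: multicast or unicast, protocol, and a
    label for the destination group when it is a well-known one."""
    dst = ipaddress.ip_address(fields["DST"])  # normalises e.g. ff02:0000:...:0001 to ff02::1
    proto = PROTO_NAMES.get(fields.get("PROTO", ""), fields.get("PROTO", "?"))
    label = KNOWN_GROUPS.get(str(dst), "unknown group")
    if proto == "UDP" and fields.get("DPT") == "5353":
        label = "mDNS"  # mDNS is UDP to port 5353 whatever the group address
    return {
        "src": str(ipaddress.ip_address(fields["SRC"])),
        "dst": str(dst),
        "proto": proto,
        "kind": "multicast" if dst.is_multicast else "unicast",
        "label": label,
    }


def summarize(lines):
    """Count distinct (src, dst, proto, label) flows across a log excerpt, so a
    wall of repeated lines collapses into a handful of flows to reason about."""
    counts = {}
    for line in lines:
        fields = parse_ufw_line(line)
        if not fields:
            continue
        c = classify(fields)
        key = (c["src"], c["dst"], c["proto"], c["label"])
        counts[key] = counts.get(key, 0) + 1
    return counts


def ufw_deny_rule(src, dst):
    """Build the ufw command that silences a flow. ufw expects bare addresses,
    so a 'SRC=' prefix copied from the log line is rejected here (ValueError)
    instead of producing a command that fails with 'bad source address'."""
    for addr in (src, dst):
        ipaddress.ip_address(addr)
    return f"sudo ufw deny from {src} to {dst}"


if __name__ == "__main__":
    for (src, dst, proto, label), n in sorted(summarize(SAMPLE_LOG.splitlines()).items()):
        print(f"{n:3d}x {proto:5s} {src} -> {dst}  [{label}]")
    print(ufw_deny_rule("192.168.178.1", "224.0.0.1"))
```

Run stand-alone it prints one line per distinct flow with a count, which is the quickest way to see that a long log excerpt is really just two or three periodic multicast flows, followed by the deny rule in the form that ufw accepts.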