Здравствуйте
Стоит керио. Как заблокировать ip спуфинга? в правилах указал блокировку для нужного ip, но спуфинг продалжается с этого же ip...169.254.85.110
Скопировал часть атаки, идёт каждую секунду:
[07/Sep/2025 21:01:45] IPS: Packet drop, severity: Blacklist, Rule ID: 1:2400011 ET DROP Spamhaus DROP Listed Traffic Inbound group 12, proto:TCP, ip/port:192.168.141.198:56311 -> 141.95.47.111:17351
[07/Sep/2025 21:01:47] Anti-spoofing: Packet from LAN, proto:UDP, len:72, 169.254.85.110:61671 -> 192.168.141.1:53, udplen:44
[07/Sep/2025 21:01:47] Anti-spoofing: Packet from LAN, proto:UDP, len:72, 169.254.85.110:61671 -> 192.168.141.2:53, udplen:44
[07/Sep/2025 21:01:48] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:01:48] Anti-spoofing: Packet from LAN, proto:UDP, len:107, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:79
[07/Sep/2025 21:01:48] Anti-spoofing: Packet from LAN, proto:UDP, len:107, 169.254.85.110:54683 -> 192.168.141.99:161, udplen:79
[07/Sep/2025 21:01:50] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:01:51] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:01:58] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:02:00] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:02:01] Anti-spoofing: Packet from LAN, proto:UDP, len:156, 169.254.85.110:54683 -> 192.168.141.165:161, udplen:128
[07/Sep/2025 21:02:05] IPS: Packet drop, severity: Blacklist, Rule ID: 1:2400016 ET DROP Spamhaus DROP Listed Traffic Inbound group 17, proto:TCP, ip/port:176.65.148.177:47370 -> 178.124.221.206:6036
Простой
