Today I spotted an entry in the firewall log that's sent me down a bit of a rabbit hole. I default-deny traffic between my different network segments, and I filter most of the mundane stuff before it's logged, so this caught my eye:
Deny UDP 169.254.5.108:17784 255.255.255.255:17784 in via dc1
Apparently port 17784 is the default port for the Universal Discovery & Access Protocol, or UDAP, a network protocol so obscure it doesn't even have a Wikipedia page. UDAP seems to be spoken mostly by LG smart TVs (UDAP originated at LG, as far as I can tell) and by a now-defunct home audio streaming product called a SqueezeBox. I don't own any of this equipment, so naturally I was curious what device the packet came from.
tcpdump for a couple of minutes, I came up with enough multicast packets from
169.254.5.108 to at least figu...