Guys, I've seen this many times in my syslog ...
Tue May 23 16:33:35 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:55667 not from a LAN, ignoring
Tue May 23 16:33:36 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:55667 not from a LAN, ignoring
Tue May 23 16:33:37 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:55667 not from a LAN, ignoring
Tue May 23 16:33:38 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:55667 not from a LAN, ignoring
Tue May 23 16:33:57 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:51436 not from a LAN, ignoring
Tue May 23 16:33:58 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:51436 not from a LAN, ignoring
Tue May 23 16:33:59 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:51436 not from a LAN, ignoring
Tue May 23 16:34:00 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:51436 not from a LAN, ignoring
Tue May 23 16:34:25 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:63353 not from a LAN, ignoring
Tue May 23 16:34:26 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:63353 not from a LAN, ignoring
Tue May 23 16:34:27 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:63353 not from a LAN, ignoring
Tue May 23 16:34:28 2017 daemon.warn miniupnpd[2245]: SSDP packet sender 169.254.5.164:63353 not from a LAN, ignoring
All grouped together in batches ... in the last 48 hours, this has happened just once, but in the past I've seen this many times.
I'm hypothesizing that those "169.x.x,x" packets can be coming from 2 sources:
A) The ISP Router side - BUT ... how did this packages made it through the firewall into miniupnpd?
B) My own internal network - that address is generally auto.assigned when a device can't find a for whatever reason a DHCP server to get an IP address. I'm biased towards thinking that this is not what's happening since all of my devices are working ok and I have all of them mapped to MAC addresses for DHCP assignments.
My paranoid side is telling me it may be someone trying to discover my internal network services ... Ideas?