Update:-

For the people interested, I think I have fixed it.

Following a RTFM event, I binded the mac to the ip.  This has suppressed the errors.

Update 2

Its started again, so I guess the firewall is correct.  The attackers just had a bit of a rest.

Ok So I have found out that it is coming from a computer on my network.  This is a windows10 machine.  I found it not because of the firewall - as its useless because it does not tell you the attacking IP.   Why would they code a firewall like this - shameful.

I have now spent many hours trying to track the offending machine down, and it all boiled down to trial and error due to the inadequacies of this router. Even free ones supplied by the ISP log atacking IP's.

I still have yet to find the offending program or service, and still have to clarify if this is a real attack, or simply a false positive which given this router is more than likely.

Ping of attach is that attacker sends the IP packets larger than 65535 bytes to the others. A little curious about what packets sent by CfoSpeed caused the false positive. If you can show the packets, that will be great.

Umpa wrote

 I found it not because of the firewall - as its useless because it does not tell you the attacking IP.   Why would they code a firewall like this - shameful.

Agree 100%. Why wouldn't you tell us the IP?

Since I am seeing the same thing, would you be able to tell me how you tracked it down yourself? I will need to do that too.

1 packet is not an attack. If you have repeatedly message and you care much about this, try to capture packets.