On Tue, Apr 15, 2014 at 1:41 AM, Chris Buechler <[email protected]> wrote:
> On Sun, Apr 13, 2014 at 7:33 AM, Doug Lytle <[email protected]> wrote: > > Jim Thompson wrote: > >> pfSense release 2.1.2 is now available. pfSense release 2.1.2 follows > less than a week after pfSense release 2.1.1, and is primarily a security > release. > > > > Okay, > > > > I've just upgraded from 2.1.1 to 2.1.2, now I notice that my firewall > > logs are being spammed with IPV6 ICMP notifications. > > > > The "now I notice" being the key part there. Nothing related to that's > changed. If you don't check "Allow IPv6" under System>Advanced, you > have a block all rule on IPv6 with logging. Things on your LAN will > have link local addresses and spew multicast stuff. Probably want to > configure some block rules for v6 with no logging. > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list > In my case, the messages are from a link local fe80::0/10 to the IPv6 ICMP Multicast Listener Discover group ff02::16 and also from the same local IP to ff02::d (PIM) which are being caught by the ipv6 bogon rule. For these two types of packets, there is no way in the GUI to create a specific rule for either one; in the ICMP types, there is no MLD type, and there is no PIM protocol available. Do these rules need to be created by hand, or is there an easier way to do it without just blocking all link local IPv6?
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
