Relating Error Message back to the GUI

guardian

Thanks…. that makes sense... got it figured out.

What does the number (1483693418) refer to? 
Is it useful for troubleshooting?

doktornotor

@guardian:

What does the number (1483693418) refer to? 
Is it useful for troubleshooting?

That's a unique tracker ID. Each rule has one, look at pfctl -vvsr output.

Pippin

I would think that is a Unix time stamp, so yeah it`s unique ;)
1483693418 = Fri, 06 Jan 2017 09:03:38 GMT

kpa

@Pippin:

I would think that is a Unix time stamp, so yeah it`s unique ;)
1483693418 = Fri, 06 Jan 2017 09:03:38 GMT

This assuming you can't create two rules within one second :P Hopefully the rule creation system is aware of this…

guardian

Thanks very much everyone for the replies…. and special thank to doktornotor for look at pfctl -vvsr output.

That really helps a lot, I can clearly see what is going on.

I have IPv6 turned off, but this rule:

@5(1000000003) block drop in log quick inet6 all label "Block all IPv6"
  [ Evaluations: 58461    Packets: 4893      Bytes: 1025925    States: 0    ]

is filling my log up with hundreds of lines of:
Jan 17 17:36:49 WAN Block all IPv6 (1000000003) [fe80::2fc:8dff:fe24:8b32] [ff02::1] ICMPv6

and it's above all the rules created by the GUI.  Is there any way for me to get rid of these things?

KOM

Is there any way for me to get rid of these things?

Add or edit your IPv6 block rule and set it to not log.

guardian

@KOM:

Is there any way for me to get rid of these things?

Add or edit your IPv6 block rule and set it to not log.

Where would I edit this rule?  It is auto generated by the firewall, and @5(1000000003) it is way up the chain above the user generated rules.

At least using pfctl -vvsr lets me see what is REALLY going on.  I love the GUI, but sometimes there is nothing better than a good old fashioned terminal - as long as you know what to do with it (which can be a huge challenge).

doktornotor

Add your OWN rule there to block any IPv6 WITHOUT logging. ZOMG.

guardian

This question morphed, so as not to have two threads on the same topic…. I've answered here.

https://forum.pfsense.org/index.php?topic=124074.msg685263#msg685263

The key message of this thread for anyone is:

Use the shell and look at pfctl -vvsr output.

doktornotor

Yeah, the key answer to this thread is - add your own rule to block IPv6 as already told zillion times. Done. Move on. Nothing else. 1 minute. Done.