Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.5.0 Added Disable IPv6 - broken?

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 4 Posters 591 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      longliveipv4
      last edited by

      Just upgraded to 2.5.0 An there is an option to disable IPv6 in addition to the original checkbox to block it. I checked disable and even rebooted and IPv6 is still showing up on my logs. I know in previous versions a Kernel recompile was needed to disable it. I just want to hide the IPv6 in my logs because by service provider is spewing alot of it and visually distracting from the IPv4 traffic. If not to turn it off in the Kernel what is that setting for?

      Thanks,

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        Disabling IPv6 doesn't hide it from everywhere, support is still present in the OS.

        You have a couple choices:

        1. Make your own IPv6 floating rules set to block without logging
        2. Status > System Logs, Settings tab, uncheck the box to log default blocks, and then add your own non-quick floating rule to block and log all IPv4 traffic.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        GertjanG 1 Reply Last reply Reply Quote 1
        • GertjanG Offline
          Gertjan @jimp
          last edited by

          @longliveipv4: everybody loves IPv4. That why we're here.

          We all also loved phone number with 4 numbers. Is was just perfect.
          And yet they made these longer, and longer, and they even removed the 4 number phone numbers.
          And now we have to deal with those +11 digit numbers.
          And now all the chinese also want a phone. We got the message, we'll be using +14 numbers soon for our phone ( and they don't want the Samsung, they want the iPhone ..... make you wonder why ... )

          @longliveipv4 do you have a phone number ?
          Or do you store your contacts using the names of the person, and the actual phone numbers are not relevant for you ? ;)

          Also : maybe the 1981 defined rules (RFC IPv4 dates from last century) isn't good any more in 2021. So you gona love IPv6.
          As a unique IPv4 for you will be very, very expensive in a nearby future.
          And no one wants to use 40 years old stuff.

          #MeToo, I'll send flowers when IPv4 is shut down for good, if I'm still arround

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 1
          • AKEGECA Offline
            AKEGEC
            last edited by

            @longliveipv4 , This because pfsense allows IPv6 6in4 packets connections. You could try to add two floating firewall rules to Block IPv6 Any to Any. A rule for incoming -interface Wan and a rule for outgoing - interfaces all others lan,opt1. ..
            Then go to Services to disable DHCPv6 Server & RA (Router Advertisements) and DHCPv6 Relay.
            After that disable Allow IPv6 in System>Advanced>Networking. Also Change all IPv6 in interfaces IPv6 configuration select to None.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.