Loopback entries in my firewall logs

Ramizak

Should I see this in my logs? I've never seen any entries like this before. I don't have any rules allowing IPV6 traffic on any interface.

Jan 6 13:50:58	lo0	pass IPv6 loopback (1000007813)	  [::1]:5973	  [::1]:123	UDP

Jan 6 13:50:58 lo0 let out anything IPv6 from firewall host itself (1000007816) [::1]:5973 [::1]:123 UDP
Jan 6 13:50:58 lo0 pass IPv6 loopback (1000007813) [::1]:53352 [::1]:123 UDP
Jan 6 13:50:58 lo0 let out anything IPv6 from firewall host itself (1000007816) [::1]:53352 [::1]:123 UDP

johnpoz

@ramizak do you have this checked in the log settings

Log packets matched from the default pass rules put in the ruleset

Ramizak

@johnpoz I do have logging for 3 rules, but they are very specific rules and these entries aren't associated with those rules, but I also checked the tracking IDs from the logs against those rules, and verified they were not the same.

johnpoz

@ramizak not what I was asking about - I was asking if you have this checked in the log settings

[22.05-RELEASE][admin@sg4860.local.lan]/root: cat /tmp/rules.debug | grep loopback
loopback = "{ lo0 }"
# loopback
pass in  on $loopback inet all ridentifier 1000013061 label "pass IPv4 loopback"
pass out  on $loopback inet all ridentifier 1000013062 label "pass IPv4 loopback"
pass in  on $loopback inet6 all ridentifier 1000013063 label "pass IPv6 loopback"
pass out  on $loopback inet6 all ridentifier 1000013064 label "pass IPv6 loopback"
[22.05-RELEASE][admin@sg4860.local.lan]/root: 

Ramizak

Thank you! Yes I did.... I didn't mean to have that checked, but I did. Thanks for the help. I really appreciate it!

johnpoz

@ramizak well that explains it then ;) heheh

Ramizak

@johnpoz Thanks again! I'm a loyal pfSense/Netgate fan. I'm expecting 2 more Netgate boxes tomorrow from FedEx.

johnpoz

@ramizak said in Loopback entries in my firewall logs:

I'm expecting 2 more Netgate boxes tomorrow from FedEx.

sweet.. which ones? New 8200? Are they shipping yet?

Ramizak

@johnpoz Nope. Just 2 2100s. Haven't used them yet. I'm currently running an XG-7100-1U. I'm replacing 2 UniFi USG-PRO 4s with the 2100s.

johnpoz

@ramizak while I love the unifi APs - I had a usg3p for a short time, while my 4860 was back ordered, and need something that could handle my new internet speed. Was never a fan of it, my son used it for a bit at his house. But now its just on my shelf.

I have one of their switches as well (on the shelf).. Not a fan of it either - price point was good, and its a tiny little thing - and can be powered by poe which is nice and there are for sure some use cases for such a switch. The little flex mini, just not a fan of management and configuration of anything other than their APs

Have fun with your new netgates - a late xmas present sort of to play with ;)