Blocking SSDP on LAN
-
After upgrading to 2.0 RC3, I went into my Firewall Log to realize that pfsense was blocking LAN entries on IPv6. It looks like this:
Jul 6 08:54:17 LAN fe80::2417:7217:98c0:fbae:58490 ff02::c:1900 (?)
Port 1900 should be a SSDP port. Why is it blocking internal port? I have a rules that should let everything in the LAN go through.
Thanks
-
Are you on the IPv6 branch or the normal RC3? If you're on the normal RC3, IPv6 traffic is all blocked by default. If you really want to control IPv6 traffic in the GUI, you need to be on the IPv6 branch (what will eventually be 2.1). See the IPv6 board of the GUI for more info.
-
Guessing I'm on the regular branch. I just enabled IPv6 for internal (Allow IPv6 All IPv6 will be blocked unless this box is checked.)
This should unblock IPv6 traffic right? It is already checked.
Thanks
-
It should pass, yes, though that is really broadcast/multicast so it doesn't matter what the firewall does to it, it isn't routed traffic.
-
still shows block though. The other thing is that my firewall log gets filled with those lines.
-
Are there any ipv6 rules in your ruleset?
$ grep ipv6 /tmp/rules.debug
-
nope, no rule
