FYI: Error msg when applying ICMPv6 block rule with GUI

Snailer · May 24, 2007, 11:13 PM

Because I dont use IPv6, I thought: Just block it. As I did this with ICMPv6 on my Wan-side, I got this error msg using only the GUI:

There were error(s) loading the rules: /tmp/rules.debug:130: unknown protocol icmp6pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [130]:
block in quick on $wan proto icmp6 from 84.28.56.65 to any label "USER_RULE: Block all ICMPv6"…

cmb · May 24, 2007, 11:52 PM

What version?

Snailer · May 25, 2007, 6:48 PM

I am using the pfSense 1.0.1 RELEASE version. Is that what you want to know? :s

cmb · May 26, 2007, 3:08 AM

Yeah.

It's probably a bug, and probably still a bug in 1.2b1. We removed IPv6 from the kernel entirely, this definitely isn't going to work (no need to allow/block IPv6 traffic, pfsense is going to completely ignore it all).

Snailer · May 26, 2007, 1:06 PM

@cmb:

It's probably a bug, and probably still a bug in 1.2b1. We removed IPv6 from the kernel entirely, this definitely isn't going to work (no need to allow/block IPv6 traffic, pfsense is going to completely ignore it all).

Funny, my dutch linux/bsd magazine stated that their are real plans to push ipv6 into real action. :)
I am aware that ipsense blocks by default -well done-, but it doesn't hurd to add a rule explicitly denying some traffic. (and by this trowing up a 2nd barrier ;D).