IPV6 traffic in FW logs even with IPV6 disabled
-
I updated my Alix box to the Mar 11 08:59:46 build. I disabled IPV6 in the advanced settings, but after a while I noticed that traffic gets logged in the FW log on one of the interfaces. This did not happen with the previous build I was using (Mar 1).
The other unusual thing is that the logs show the IPV6 traffic going in through one of the LAN bridge member interfaces instead of the bridge itself. I have net.link.bridge.pfil_member set to 0 and net.link.bridge.pfil_bridge set to 1. The IPV4 traffic gets logged on the bridge interface as it should.
-
"Disabling" IPv6 just puts in rules that block all v6 in and out. It doesn't (and the firewall cannot) prevent anything on your network from sending v6 traffic which may then get blocked by your firewall rules and logged.
-
I understand, but that was not the case up to 10 days ago. If I had IPV6 disabled, the ipv6 traffic blocked by the FW would not be logged.
I just noticed this commit:
https://github.com/pfsense/pfsense/commit/ac135e422b704e6e778b3cd9614da93c2349a851
Is that related to this?
-
No, that commit was after you posted this. When looking at the source when I saw your original post, I noticed it wasn't logging under any circumstance (but was able to be user-overridden), but it should follow the default logging policy.
-
Check all interfaces and rules for IPv6 rules. After deleting these, the logs shouldn't display any new IPv6-related messages.