Help with firewall and ICMPv6
My firewall is flooded with entries like the one below, so much so that it effectively disabled another machine taking syslog data.
This started today
I confess i am completely clueless here.
built on Wed Sep 11 18:16:22 EDT 2013
Jan 18 01:45:45 WAN [::201:5cff:fe64:] [ff02::1:ff51:****] ICMPv6
FYI I added some * in the addresses above.
I have completely formatted the drive, reinstalled and left pfsense at defaults (other than DHCP and static routes) but it continues.
In addition this is going on in system logs: syslogd: kernel boot file is /boot/kernel/kernel
Jan 18 01:39:20 syslogd: exiting on signal 15, over and over.
:-[ this worked…
After an hour or so the messages came back, basically they are ipv6 DNS multicast and various "normal" traffic.
I found that shutting off ipv6 on the OSX machines and Linux machines solved most of the traffic but the single biggest problem was the wireless router, switching this to "local link only" solved that issue.
No more ipv6 multicast DNS request and spam.
Literally everything going through the router generated a response.
Manual blocking rules didn't stop it, EasyRuleBlock didn't stop it, tried every variation I could find, only shutting off ipv6 on all the machines solved my problem, most likely not an option for most people.
If you're curious:
[quote]sudo nano /etc/default/grub
Find the line that contain "GRUB_CMDLINE_LINUX_DEFAULT":
Add "ipv6.disable=1" to the boot option, then save your grub file:
GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
Finally, update grub:
networksetup -setv6off Ethernet
Win7 does not seem to be a problem.
I apologize if this is already known or useless information, as I confessed I'm a neophyte and these things are challenging for me.