Netgate Discussion Forum

    Firewall Summary is showing all addresses as IPv6, how can I make it show IPv4?

    • J
      jptechnical

      I have a bunch of pfSense boxes in use… and one of them is giving me fits with the logs. For some reason when I view the System Logs > Firewall > Summary, all the addresses are showing up in IPv6. I don't like this... not a bit... I am old and set in my ways, I like my computers big and my IPs small!

      So... how do I turn this off, make all the logs only show IPv4 addresses? I seem to have this issue only on one. It is currently running the release below, just because it is in a remote location and I am too chicken to upgrade it remotely.

      2.1-RELEASE (i386)
      built on Wed Sep 11 18:16:50 EDT 2013
      FreeBSD 8.3-RELEASE-p11


      ![pfsense logs.png](/public/imported_attachments/1/pfsense logs.png)

      • D
        doktornotor Banned

        Cannot see a single IPv6 address on your screenshot.

        • J
          jptechnical

          @doktornotor:

          Cannot see a single IPv6 address on your screenshot.

          There are two screenshots, the second one is all IPv4 addresses, the first one has all fe80::… which I assume is an ipv6 local address. Am I mistaken?

          Here is the offending screenshot on its own just in case:

          • D
            doktornotor Banned

            @jptechnical:

            There are two screenshots, the second one is all IPv4 addresses, the first one has all fe80::…

            Not on the first post, no… there is just one picture and a broken link.

            @jptechnical:

            Here is the offending screenshot on its own just in case:

            And how's this related to the other picture? There's pretty much nothing matching in there. Percentages, numbers, all different.

            • J
              jptechnical

              Hi,

              One is a screenshot of the router that is giving me ip6 addresses, the other is what all of my other routers show me, only ip4 addresses. I updated the original post and removed the confusing screenshot. Thanks for your quick replies.

              @doktornotor:

              @jptechnical:

              There are two screenshots, the second one is all IPv4 addresses, the first one has all fe80::…

              Not on the first post, no… there is just one picture and a broken link.

              @jptechnical:

              Here is the offending screenshot on its own just in case:

              And how's this related to the other picture? There's pretty much nothing matching in there. Percentages, numbers, all different.

              • D
                doktornotor Banned

                Dude, now the IPv4 pic is gone and there STILL is a broken image link. You make totally no sense. What "other" routers? What fixes are you expecting on a dead branch?

                • J
                  jptechnical

                  Argh…. I see it fine, even went to a different computer. Ok, I uploaded it as an attachment.

                  All my routers are pfSense as I stated in the very first sentence in the original post, to wit the 'other routers' would refer to these 'bunch of pfSense boxes' identified at the outset.

                  For background, I have been using them since pfSense sprang forth from m0n0wall.

                  Consistently, all my pfSense routers have always shown me only ipv4 for everything. This one pfSense, even though ipv6 is not enabled, is showing all the logs in ipv6. It is the only dhcp server in the network, otherwise the network is a big peer to peer network in a building shared by a bunch of realtors.

                  Hopefully that clarifies. Again, thanks for your response.

                  JP

                  @doktornotor:

                  Dude, now the IPv4 pic is gone and there STILL is a broken image link. You make totally no sense. What "other" routers? What fixes are you expecting on a dead branch?

                  ![pfsense logs.png](/public/imported_attachments/1/pfsense logs.png)

                  • D
                    doktornotor Banned

                    This one pfSense, even though ipv6 is not enabled, is showing all the logs in ipv6

                    Yes. So, you are blocking all IPv6 and wondering why the logs are full of IPv6 noise? LOLz. Every decent OS out there now uses IPv6 by default, and prefers it in fact. Stop blocking IPv6 and you won't have irrelevant noise in your firewall logs.

                    • J
                      jptechnical

                      Oh… I think I see the issue. All the time I thought the firewall summary log was a top-talker log of passed traffic. I should have known it was showing blocked traffic. That is why my own workstation IP doesn't show up in that graph.  :-\

                      Jeez, I feel like an idiot. I have always used packages to track down bandwidth hogs, rarely using the summary view. I missed the point of the graphics totally.

                      So, can you do me a favor and point me in the right direction for a search query to find what I need about omitting ip6 log entries in firewall actions?

                      Thanks for your patience. Sometimes it takes another pair of eyes to see that you are totally missing it!

                      • D
                        doktornotor Banned

                        Well, already gave you the hint. Stop blocking IPv6 traffic. Screenshot right above. For traffic usage tracking, there are indeed other packages to use.

                        • johnpozJ
                          johnpoz LAYER 8 Global Moderator

                          You can either allow the ipv6, or clean up the network so it doesn't send out ipv6 noise. Or you can block it without logging. While yes pretty much every modern OS has it enabled out of the box - it's in no way actually set up on Windows for sure. Windows out of the box has 3 different active methods to use ipv6 over ipv4..

                          ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is an IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network.
                          Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network.
                          6to4 is an Internet transition mechanism for migrating from IPv4 to IPv6, a system that allows IPv6 packets to be transmitted over an IPv4 network.

                          You know what those do if you really don't want to use ipv6, they generate noise on your network ;)

                          Not even counting the actual dual stack.. While yes you can just allow the noise, or block it without logging on your firewall to clean up your logs. To me the better solution is to clean up your network so it doesn't send out the noise in the first place, or if you want to embrace ipv6 take the time to actually set it up. Disabling all of the ipv6 noise is as simple as a reg key entry in Windows; you can use a simple command like

                          reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 255

                          Can push out via group policy to clean up all your Windows machines so they don't send out noise, etc. If you're running other OSes, what? And sure can disable/cleanup the ipv6 on them as well.

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 24.11 | Lab VMs 2.8, 24.11
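
An audit sketch for the DisabledComponents value set by the `reg add` command in the post above, added here as an example and not code from the thread or from Netgate. It decodes the bitmask using the bit meanings Microsoft documents for this value, then lists link-local IPv6 addresses still bound on the host, which are the fe80:: sources that show up in the firewall summary. The function name `ConvertFrom-DisabledComponents` is an assumption of this example.

```powershell
# Added example (not from the thread): audit the Tcpip6 DisabledComponents setting.
# Bit meanings follow Microsoft's published description of this registry value.
$BitMeanings = @(
    @{ Bit = 0x01; Meaning = 'All IPv6 tunnel interfaces disabled' },
    @{ Bit = 0x02; Meaning = '6to4 disabled' },
    @{ Bit = 0x04; Meaning = 'ISATAP disabled' },
    @{ Bit = 0x08; Meaning = 'Teredo disabled' },
    @{ Bit = 0x10; Meaning = 'IPv6 disabled on non-tunnel interfaces (LAN, PPP)' },
    @{ Bit = 0x20; Meaning = 'IPv4 preferred over IPv6 in the prefix policy table' }
)

# Hypothetical helper name: turns the DWORD into one row per documented bit.
function ConvertFrom-DisabledComponents {
    param([Parameter(Mandatory)][long]$Value)
    foreach ($b in $BitMeanings) {
        [pscustomobject]@{
            Bit     = '0x{0:X2}' -f $b.Bit
            Set     = [bool]($Value -band $b.Bit)
            Meaning = $b.Meaning
        }
    }
}

$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'
$raw = (Get-ItemProperty -Path $key -Name DisabledComponents `
            -ErrorAction SilentlyContinue).DisabledComponents

if ($null -eq $raw) {
    Write-Output 'DisabledComponents is not set; Windows defaults apply.'
    $raw = 0
}

Write-Output ('DisabledComponents = 0x{0:X} ({0})' -f $raw)
ConvertFrom-DisabledComponents -Value $raw | Format-Table -AutoSize

# A changed value takes effect after a restart, so compare the setting with
# what the stack is doing right now: any fe80:: address listed here can still
# generate the link-local traffic the firewall is logging.
Get-NetIPAddress -AddressFamily IPv6 -ErrorAction SilentlyContinue |
    Where-Object { $_.IPAddress -like 'fe80:*' } |
    Select-Object InterfaceAlias, IPAddress |
    Format-Table -AutoSize
```

With the value 255 from the post, every row reports `Set = True`; if fe80:: addresses are still listed afterwards, the host has not been restarted since the value was written.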

                          • J
                            jvangent100

                            Simply disabling ipv6 on the LAN interface of your router should get rid of these. Do not disable ipv6 on your clients, it's not like this is some scary thing, modern operating systems prefer ipv6 and for good reason.

                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.