Rrd ipv6 interpretation

grandrivers

i have no ivp6 rules and also have disabled ipv6 check box

but looks like i am still passing ipv6? see attached graph

maybe some hidden rules??

@0(0) scrub on igb0 all no-df fragment reassemble
[ Evaluations: 1740879 Packets: 126040 Bytes: 25455017 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745416]
@1(0) scrub on igb2 all no-df fragment reassemble
[ Evaluations: 1614988 Packets: 879336 Bytes: 302227477 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745392]
@2(0) scrub on igb1 all no-df fragment reassemble
[ Evaluations: 735929 Packets: 735751 Bytes: 261680146 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745368]
@0(0) anchor "relayd/" all
[ Evaluations: 31600 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741720]
@1(0) anchor "openvpn/" all
[ Evaluations: 31570 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741696]
@2(0) anchor "ipsec/" all
[ Evaluations: 31558 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741672]
@3(1000104431) pass in quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
[ Evaluations: 31569 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741648]
@4(1000104432) pass out quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
[ Evaluations: 12 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741624]
@5(1000104433) block drop in log quick inet6 all label "Block all IPv6"
[ Evaluations: 31542 Packets: 3575 Bytes: 511529 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741600]
@6(1000104434) block drop out log quick inet6 all label "Block all IPv6"
[ Evaluations: 11505 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741576]
@7(1000104531) block drop in log quick inet from 169.254.0.0/16 to any label "Block IPv4 link-local"
[ Evaluations: 27993 Packets: 2345 Bytes: 409416 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741552]
@8(1000104532) block drop in log quick inet from any to 169.254.0.0/16 label "Block IPv4 link-local"
[ Evaluations: 14138 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741528]
@9(1000104533) block drop in log inet all label "Default deny rule IPv4"
[ Evaluations: 14141 Packets: 2169 Bytes: 332125 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741504]
@10(1000104534) block drop out log inet all label "Default deny rule IPv4"
[ Evaluations: 25658 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741480]
@11(1000104535) block drop in log inet6 all label "Default deny rule IPv6"
[ Evaluations: 25651 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741456]
@12(1000104536) block drop out log inet6 all label "Default deny rule IPv6"
[ Evaluations: 11503 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741432]
@13(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type unreach keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741408]
@14(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type toobig keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741384]
@15(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741360]
@16(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741336]
@17(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echorep keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741312]
@18(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741288]
@19(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741264]
@20(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741240]
@21(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741216]
@22(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echorep keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741192]
@23(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741168]
@24(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741144]
@25(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741120]
@26(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741096]
@27(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echoreq keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741072]
@28(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741048]
@29(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741024]
@30(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105741000]
@31(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740976]
@32(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type echoreq keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740952]
@33(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routersol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740928]
@34(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routeradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740904]
@35(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740880]
@36(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740856]
@37(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echoreq keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740832]
@38(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105740808]
@39(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532912]
@40(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532888]
@41(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532864]
@42(1000104543) block drop log quick inet proto tcp from any port = 0 to any label "Block traffic from port 0"
[ Evaluations: 25632 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532840]
@43(1000104543) block drop log quick inet proto udp from any port = 0 to any label "Block traffic from port 0"
[ Evaluations: 17070 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532816]
@44(1000104544) block drop log quick inet proto tcp from any to any port = 0 label "Block traffic to port 0"
[ Evaluations: 25667 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532792]
@45(1000104544) block drop log quick inet proto udp from any to any port = 0 label "Block traffic to port 0"
[ Evaluations: 17066 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532768]
@46(1000104545) block drop log quick inet6 proto tcp from any port = 0 to any label "Block traffic from port 0"
[ Evaluations: 25646 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532744]
@47(1000104545) block drop log quick inet6 proto udp from any port = 0 to any label "Block traffic from port 0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532720]
@48(1000104546) block drop log quick inet6 proto tcp from any to any port = 0 label "Block traffic to port 0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532696]
@49(1000104546) block drop log quick inet6 proto udp from any to any port = 0 label "Block traffic to port 0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532672]
@50(1000104547) block drop log quick from snort2c:0to any label "Block snort2c hosts"
[ Evaluations: 25632 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532648]
@51(1000104548) block drop log quick from any to snort2c:0label "Block snort2c hosts"
[ Evaluations: 25627 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532624]
@52(1000104731) block drop in log quick proto tcp from sshlockout:0to (self:9) port = ssh label "sshlockout"
[ Evaluations: 25665 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532600]
@53(1000104781) block drop in log quick proto tcp from webconfiguratorlockout:0to (self:9) port = 56323 label "webConfiguratorlockout"
[ Evaluations: 4942 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105532576]
@54(1000000400) block drop in log quick from virusprot:0to any label "virusprot overload table"
[ Evaluations: 14138 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132888]
@55(1000106000) block drop in log on ! igb0 inet from 192.168.1.0/24 to any
[ Evaluations: 14127 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132864]
@56(1000106000) block drop in log inet from 192.168.1.3 to any
[ Evaluations: 14124 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132840]
@57(1000106000) block drop in log on igb0 inet6 from fe80::ec4:7aff:fe09:c12a to any
[ Evaluations: 14120 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132816]
@58(1000106021) pass in on igb0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out DSL"
[ Evaluations: 292 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132792]
@59(1000106022) pass out on igb0 proto udp from any port = bootpc to any port = bootps keep state label "allow dhcp client out DSL"
[ Evaluations: 11624 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132768]
@60(1000107050) block drop in log on ! igb2 inet from 192.168.35.0/24 to any
[ Evaluations: 25621 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132744]
@61(1000107050) block drop in log inet from 192.168.35.1 to any
[ Evaluations: 14223 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132720]
@62(1000107050) block drop in log on igb2 inet6 from fe80::ec4:7aff:fe09:c12c to any
[ Evaluations: 14118 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132696]
@63(1000107071) pass in quick on igb2 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server"
[ Evaluations: 13307 Packets: 4 Bytes: 1326 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132672]
@64(1000107072) pass in quick on igb2 inet proto udp from any port = bootpc to 192.168.35.1 port = bootps keep state label "allow access to DHCP server"
[ Evaluations: 49 Packets: 93 Bytes: 33209 States: 1 ]
[ Inserted: pid 51068 State Creations: 18446735279109132648]
@65(1000107073) pass out quick on igb2 inet proto udp from 192.168.35.1 port = bootps to any port = bootpc keep state label "allow access to DHCP server"
[ Evaluations: 17182 Packets: 3 Bytes: 984 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132624]
@66(1000107081) pass quick on igb2 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "allow access to DHCPv6 server"
[ Evaluations: 5789 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132600]
@67(1000107082) pass quick on igb2 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "allow access to DHCPv6 server"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132576]
@68(1000107083) pass quick on igb2 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "allow access to DHCPv6 server"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132552]
@69(1000107084) pass quick on igb2 inet6 proto udp from ff02::/16 to fe80::/10 port = dhcpv6-server keep state label "allow access to DHCPv6 server"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132528]
@70(1000108091) block drop in log quick on igb1 from bogons:10to any label "block bogon IPv4 networks from CABLEMODEM"
[ Evaluations: 25564 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132504]
@71(1000108100) block drop in log on ! igb1 inet from 209.105.187.0/24 to any
[ Evaluations: 18619 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132480]
@72(1000108100) block drop in log inet from 209.105.187.107 to any
[ Evaluations: 14069 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132456]
@73(1000108100) block drop in log on igb1 inet6 from fe80::ec4:7aff:fe09:c12b to any
[ Evaluations: 14063 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132432]
@74(1000108111) block drop in log quick on igb1 inet from 10.0.0.0/8 to any label "Block private networks from CABLEMODEM block 10/8"
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132408]
@75(1000108112) block drop in log quick on igb1 inet from 127.0.0.0/8 to any label "Block private networks from CABLEMODEM block 127/8"
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132384]
@76(1000108113) block drop in log quick on igb1 inet from 172.16.0.0/12 to any label "Block private networks from CABLEMODEM block 172.16/12"
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132360]
@77(1000108114) block drop in log quick on igb1 inet from 192.168.0.0/16 to any label "Block private networks from CABLEMODEM block 192.168/16"
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132336]
@78(1000108115) block drop in log quick on igb1 inet6 from fc00::/7 to any label "Block ULA networks from CABLEMODEM block fc00::/7"
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132312]
@79(1000108121) pass in on igb1 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out CABLEMODEM"
[ Evaluations: 496 Packets: 14 Bytes: 4662 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109132288]
@80(1000108122) pass out on igb1 proto udp from any port = bootpc to any port = bootps keep state label "allow dhcp client out CABLEMODEM"
[ Evaluations: 11610 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129192]
@81(1000108141) pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
[ Evaluations: 25576 Packets: 96 Bytes: 17256 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129168]
@82(1000108142) pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
[ Evaluations: 24 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129144]
@83(1000108143) pass in on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
[ Evaluations: 24 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129120]
@84(1000108144) pass out on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
[ Evaluations: 12 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129096]
@85(1000108145) pass out inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself"
[ Evaluations: 25557 Packets: 8527 Bytes: 3926999 States: 1 ]
[ Inserted: pid 51068 State Creations: 18446735279109129072]
@86(1000108146) pass out inet6 all flags S/SA keep state allow-opts label "let out anything IPv6 from firewall host itself"
[ Evaluations: 11496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109129048]
@87(1000108241) pass out route-to (igb0 192.168.1.1) inet from 192.168.1.3 to ! 192.168.1.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself"
[ Evaluations: 11491 Packets: 55161 Bytes: 26719078 States: 51 ]
[ Inserted: pid 51068 State Creations: 18446735279109129024]
@88(1000108242) pass out route-to (igb1 209.105.187.1) inet from 209.105.187.107 to ! 209.105.187.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself"
[ Evaluations: 11510 Packets: 361403 Bytes: 263273902 States: 81 ]
[ Inserted: pid 51068 State Creations: 18446735279109129000]
@89(1000108551) pass in quick on igb2 proto tcp from any to (igb2:2) port = 56323 flags S/SA keep state label "anti-lockout rule"
[ Evaluations: 25579 Packets: 18694 Bytes: 15216836 States: 12 ]
[ Inserted: pid 51068 State Creations: 18446735279109128976]
@90(1000108551) pass in quick on igb2 proto tcp from any to (igb2:2) port = ssh flags S/SA keep state label "anti-lockout rule"
[ Evaluations: 172 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128952]
@91(0) anchor "userrules/" all
[ Evaluations: 25436 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128928]
@92(1770001554) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_drop:713>to any label "USER_RULE: pfB_drop auto rule"
[ Evaluations: 25422 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128904]
@93(1770001850) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_dshield:40>to any label "USER_RULE: pfB_dshield auto rule"
[ Evaluations: 496 Packets: 1 Bytes: 40 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128880]
@94(1770001762) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_ciarmy:583>to any label "USER_RULE: pfB_ciarmy auto rule"
[ Evaluations: 495 Packets: 6 Bytes: 300 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128856]
@95(1770001554) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_drop:713>to any label "USER_RULE: pfB_drop auto rule"
[ Evaluations: 18465 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128832]
@96(1770001850) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_dshield:40>to any label "USER_RULE: pfB_dshield auto rule"
[ Evaluations: 292 Packets: 1 Bytes: 44 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128808]
@97(1770001762) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_ciarmy:583>to any label "USER_RULE: pfB_ciarmy auto rule"
[ Evaluations: 291 Packets: 5 Bytes: 268 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128784]
@98(1770001683) block return in log quick on igb2 inet from any to <pfb_drop:713>label "USER_RULE: pfB_drop auto rule"
[ Evaluations: 14012 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128760]
@99(1770001979) block return in log quick on igb2 inet from any to <pfb_dshield:40>label "USER_RULE: pfB_dshield auto rule"
[ Evaluations: 13130 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128736]
@100(1770001891) block return in log quick on igb2 inet from any to <pfb_ciarmy:583>label "USER_RULE: pfB_ciarmy auto rule"
[ Evaluations: 13108 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128712]
@101(1427224321) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto icmp all keep state label "USER_RULE: icmp pass in "
[ Evaluations: 13910 Packets: 2 Bytes: 64 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128688]
@102(1411148841) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.35.38 port = 27177 flags S/SA keep state label "USER_RULE: NAT "
[ Evaluations: 285 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128664]
@103(1411148841) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto udp from any to 192.168.35.38 port = 27177 keep state label "USER_RULE: NAT "
[ Evaluations: 248 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128640]
@104(1411148842) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.35.38 port = 27178 flags S/SA keep state label "USER_RULE: NAT "
[ Evaluations: 144 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128616]
@105(1411148842) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto udp from any to 192.168.35.38 port = 27178 keep state label "USER_RULE: NAT "
[ Evaluations: 144 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128592]
@106(1411148845) block drop in log quick on igb2 inet proto udp from any to ! (self:4) port = domain label "USER_RULE: block dns to everything "
[ Evaluations: 13751 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128568]
@107(1434217495) pass in log quick on igb2 inet proto udp from any to 192.168.35.1 port = domain keep state label "USER_RULE: Easy Rule: Passed from Firewall Log View"
[ Evaluations: 2609 Packets: 4850 Bytes: 561641 States: 7 ]
[ Inserted: pid 51068 State Creations: 18446735279109128544]
@108(1428682856) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.1.1 flags S/SA keep state label "USER_RULE"
[ Evaluations: 10932 Packets: 495 Bytes: 121805 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128520]
@109(1428550679) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet proto icmp from any to 8.8.4.4 keep state label "USER_RULE"
[ Evaluations: 10753 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128496]
@110(1428550717) pass in log quick on igb2 route-to (igb1 209.105.187.1) inet proto icmp from any to 8.8.8.8 keep state label "USER_RULE"
[ Evaluations: 1 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128472]
@111(1411148846) pass in log quick on igb2 route-to (igb1 209.105.187.1) inet proto tcp from 192.168.35.0/24 to 192.168.100.1 flags S/SA keep state label "USER_RULE: cm"
[ Evaluations: 10744 Packets: 51 Bytes: 14695 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128448]
@112(10000004) pass in log quick on igb2 inet from lockdsl:5to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
[ Evaluations: 10748 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128424]
@113(1424909563) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet from lockdsl:5to any flags S/SA keep state label "USER_RULE: lock to dsl "
[ Evaluations: 1838 Packets: 47739 Bytes: 25503130 States: 46 ]
[ Inserted: pid 51068 State Creations: 18446735279109128400]
@114(10000005) pass in log quick on igb2 inet from 192.168.35.0/24 to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
[ Evaluations: 9148 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128376]
@115(1411148852) pass in log quick on igb2 route-to { (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1) } round-robin inet from 192.168.35.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
[ Evaluations: 8558 Packets: 371584 Bytes: 266807427 States: 106 ]
[ Inserted: pid 51068 State Creations: 18446735279109128352]
@116(10000006) pass in log quick on igb2 inet from 192.168.35.0/24 to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
[ Evaluations: 798 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128328]
@117(1411148851) pass in log quick on igb2 route-to { (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb0 192.168.1.1) } round-robin inet from 192.168.35.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
[ Evaluations: 799 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128304]
@118(1427224396) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto icmp from 8.8.8.8 to any keep state label "USER_RULE: icmp let in "
[ Evaluations: 2195 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128280]
@119(1417660864) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from 208.123.73.0/24 to any port = 56323 flags S/SA keep state label "USER_RULE: web interface "
[ Evaluations: 489 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128256]
@120(1417718273) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from 208.123.73.0/24 to any port = ssh flags S/SA keep state label "USER_RULE: SSH"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128232]
@121(1411148857) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from any to 192.168.35.38 port = 27177 flags S/SA keep state label "USER_RULE: NAT "
[ Evaluations: 374 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279109128208]
@122(1411148857) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto udp from any to 192.168.35.38 port = 27177 keep state label "USER_RULE: NAT "
[ Evaluations: 115 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745912]
@123(1411148858) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from any to 192.168.35.38 port = 27178 flags S/SA keep state label "USER_RULE: NAT "
[ Evaluations: 3 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745888]
@124(1411148858) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto udp from any to 192.168.35.38 port = 27178 keep state label "USER_RULE: NAT "
[ Evaluations: 3 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745864]
@125(0) anchor "tftp-proxy/*" all
[ Evaluations: 13680 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745840]
@126(0) anchor "miniupnpd" all
[ Evaluations: 13693 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 51068 State Creations: 18446735279105745816]
![status_rrd_graph_img (3).png](/public/imported_attachments/1/status_rrd_graph_img (3).png)
![status_rrd_graph_img (3).png_thumb](/public/imported_attachments/1/status_rrd_graph_img (3).png_thumb)</negate_networks:0></negate_networks:0></lockdsl:5></negate_networks:0></lockdsl:5></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></bogons:10></virusprot:0></webconfiguratorlockout:0></sshlockout:0></snort2c:0></snort2c:0>

jimp

It's outbound, and given the ruleset you have, likely from the firewall itself making an outbound request. If your firewall has usable IPv6 that could have been several things – DNS, a pfSense package install/update, firmware update, etc.

grandrivers

no i have NO ipv6 on either connection

grandrivers

cable modem says ipv4 only
dsl modem has not obtained any ipv6 info

also should disabling ipv6 in advanced setting in pfsence have stopped all ipv6 traffic?

grandrivers

when the traffic graph passes ipv6 seen a spike in the ping times sometimes as high as 10 seconds

jimp

The box stops IPv6 from entering all interfaces, IIRC, but it does not prevent it from leaving the firewall.

The observed IPv6 traffic is likely a side effect or a symptom of whatever is causing that other delay, not the cause of it.

grandrivers

@jimp:

The observed IPv6 traffic is likely a side effect or a symptom of whatever is causing that other delay, not the cause of it.

true one connection uses the other as there backbone and to say its not good is an understatement
just thought i stumbled on a lead guess not

thanks for the help though

Rrd ipv6 interpretation

Products

Services

Support

News

Resources

Company

Our Mission

Subscribe to our Newsletter