Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Rrd ipv6 interpretation

    Scheduled Pinned Locked Moved 2.3-RC Snapshot Feedback and Issues - ARCHIVED
    7 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grandrivers
      last edited by

      i have no ivp6 rules and also have disabled ipv6 check box

      but looks like i am still passing ipv6? see attached graph

      maybe some hidden rules??

      @0(0) scrub on igb0 all no-df fragment reassemble
        [ Evaluations: 1740879  Packets: 126040    Bytes: 25455017    States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745416]
      @1(0) scrub on igb2 all no-df fragment reassemble
        [ Evaluations: 1614988  Packets: 879336    Bytes: 302227477  States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745392]
      @2(0) scrub on igb1 all no-df fragment reassemble
        [ Evaluations: 735929    Packets: 735751    Bytes: 261680146  States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745368]
      @0(0) anchor "relayd/" all
        [ Evaluations: 31600    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741720]
      @1(0) anchor "openvpn/      " all
        [ Evaluations: 31570    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741696]
      @2(0) anchor "ipsec/" all
        [ Evaluations: 31558    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741672]
      @3(1000104431) pass in quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
        [ Evaluations: 31569    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741648]
      @4(1000104432) pass out quick on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
        [ Evaluations: 12        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741624]
      @5(1000104433) block drop in log quick inet6 all label "Block all IPv6"
        [ Evaluations: 31542    Packets: 3575      Bytes: 511529      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741600]
      @6(1000104434) block drop out log quick inet6 all label "Block all IPv6"
        [ Evaluations: 11505    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741576]
      @7(1000104531) block drop in log quick inet from 169.254.0.0/16 to any label "Block IPv4 link-local"
        [ Evaluations: 27993    Packets: 2345      Bytes: 409416      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741552]
      @8(1000104532) block drop in log quick inet from any to 169.254.0.0/16 label "Block IPv4 link-local"
        [ Evaluations: 14138    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741528]
      @9(1000104533) block drop in log inet all label "Default deny rule IPv4"
        [ Evaluations: 14141    Packets: 2169      Bytes: 332125      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741504]
      @10(1000104534) block drop out log inet all label "Default deny rule IPv4"
        [ Evaluations: 25658    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741480]
      @11(1000104535) block drop in log inet6 all label "Default deny rule IPv6"
        [ Evaluations: 25651    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741456]
      @12(1000104536) block drop out log inet6 all label "Default deny rule IPv6"
        [ Evaluations: 11503    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741432]
      @13(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type unreach keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741408]
      @14(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type toobig keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741384]
      @15(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741360]
      @16(1000104537) pass quick inet6 proto ipv6-icmp all icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741336]
      @17(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echorep keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741312]
      @18(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741288]
      @19(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741264]
      @20(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741240]
      @21(1000104538) pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741216]
      @22(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echorep keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741192]
      @23(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741168]
      @24(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741144]
      @25(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741120]
      @26(1000104539) pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741096]
      @27(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echoreq keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741072]
      @28(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741048]
      @29(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741024]
      @30(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105741000]
      @31(1000104540) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740976]
      @32(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type echoreq keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740952]
      @33(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routersol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740928]
      @34(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routeradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740904]
      @35(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740880]
      @36(1000104541) pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740856]
      @37(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echoreq keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740832]
      @38(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105740808]
      @39(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532912]
      @40(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532888]
      @41(1000104542) pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532864]
      @42(1000104543) block drop log quick inet proto tcp from any port = 0 to any label "Block traffic from port 0"
        [ Evaluations: 25632    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532840]
      @43(1000104543) block drop log quick inet proto udp from any port = 0 to any label "Block traffic from port 0"
        [ Evaluations: 17070    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532816]
      @44(1000104544) block drop log quick inet proto tcp from any to any port = 0 label "Block traffic to port 0"
        [ Evaluations: 25667    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532792]
      @45(1000104544) block drop log quick inet proto udp from any to any port = 0 label "Block traffic to port 0"
        [ Evaluations: 17066    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532768]
      @46(1000104545) block drop log quick inet6 proto tcp from any port = 0 to any label "Block traffic from port 0"
        [ Evaluations: 25646    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532744]
      @47(1000104545) block drop log quick inet6 proto udp from any port = 0 to any label "Block traffic from port 0"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532720]
      @48(1000104546) block drop log quick inet6 proto tcp from any to any port = 0 label "Block traffic to port 0"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532696]
      @49(1000104546) block drop log quick inet6 proto udp from any to any port = 0 label "Block traffic to port 0"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532672]
      @50(1000104547) block drop log quick from snort2c:0to any label "Block snort2c hosts"
        [ Evaluations: 25632    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532648]
      @51(1000104548) block drop log quick from any to snort2c:0label "Block snort2c hosts"
        [ Evaluations: 25627    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532624]
      @52(1000104731) block drop in log quick proto tcp from sshlockout:0to (self:9) port = ssh label "sshlockout"
        [ Evaluations: 25665    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532600]
      @53(1000104781) block drop in log quick proto tcp from webconfiguratorlockout:0to (self:9) port = 56323 label "webConfiguratorlockout"
        [ Evaluations: 4942      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105532576]
      @54(1000000400) block drop in log quick from virusprot:0to any label "virusprot overload table"
        [ Evaluations: 14138    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132888]
      @55(1000106000) block drop in log on ! igb0 inet from 192.168.1.0/24 to any
        [ Evaluations: 14127    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132864]
      @56(1000106000) block drop in log inet from 192.168.1.3 to any
        [ Evaluations: 14124    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132840]
      @57(1000106000) block drop in log on igb0 inet6 from fe80::ec4:7aff:fe09:c12a to any
        [ Evaluations: 14120    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132816]
      @58(1000106021) pass in on igb0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out DSL"
        [ Evaluations: 292      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132792]
      @59(1000106022) pass out on igb0 proto udp from any port = bootpc to any port = bootps keep state label "allow dhcp client out DSL"
        [ Evaluations: 11624    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132768]
      @60(1000107050) block drop in log on ! igb2 inet from 192.168.35.0/24 to any
        [ Evaluations: 25621    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132744]
      @61(1000107050) block drop in log inet from 192.168.35.1 to any
        [ Evaluations: 14223    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132720]
      @62(1000107050) block drop in log on igb2 inet6 from fe80::ec4:7aff:fe09:c12c to any
        [ Evaluations: 14118    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132696]
      @63(1000107071) pass in quick on igb2 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server"
        [ Evaluations: 13307    Packets: 4        Bytes: 1326        States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132672]
      @64(1000107072) pass in quick on igb2 inet proto udp from any port = bootpc to 192.168.35.1 port = bootps keep state label "allow access to DHCP server"
        [ Evaluations: 49        Packets: 93        Bytes: 33209      States: 1    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132648]
      @65(1000107073) pass out quick on igb2 inet proto udp from 192.168.35.1 port = bootps to any port = bootpc keep state label "allow access to DHCP server"
        [ Evaluations: 17182    Packets: 3        Bytes: 984        States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132624]
      @66(1000107081) pass quick on igb2 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "allow access to DHCPv6 server"
        [ Evaluations: 5789      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132600]
      @67(1000107082) pass quick on igb2 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "allow access to DHCPv6 server"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132576]
      @68(1000107083) pass quick on igb2 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "allow access to DHCPv6 server"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132552]
      @69(1000107084) pass quick on igb2 inet6 proto udp from ff02::/16 to fe80::/10 port = dhcpv6-server keep state label "allow access to DHCPv6 server"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132528]
      @70(1000108091) block drop in log quick on igb1 from bogons:10to any label "block bogon IPv4 networks from CABLEMODEM"
        [ Evaluations: 25564    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132504]
      @71(1000108100) block drop in log on ! igb1 inet from 209.105.187.0/24 to any
        [ Evaluations: 18619    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132480]
      @72(1000108100) block drop in log inet from 209.105.187.107 to any
        [ Evaluations: 14069    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132456]
      @73(1000108100) block drop in log on igb1 inet6 from fe80::ec4:7aff:fe09:c12b to any
        [ Evaluations: 14063    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132432]
      @74(1000108111) block drop in log quick on igb1 inet from 10.0.0.0/8 to any label "Block private networks from CABLEMODEM block 10/8"
        [ Evaluations: 496      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132408]
      @75(1000108112) block drop in log quick on igb1 inet from 127.0.0.0/8 to any label "Block private networks from CABLEMODEM block 127/8"
        [ Evaluations: 496      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132384]
      @76(1000108113) block drop in log quick on igb1 inet from 172.16.0.0/12 to any label "Block private networks from CABLEMODEM block 172.16/12"
        [ Evaluations: 496      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132360]
      @77(1000108114) block drop in log quick on igb1 inet from 192.168.0.0/16 to any label "Block private networks from CABLEMODEM block 192.168/16"
        [ Evaluations: 496      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132336]
      @78(1000108115) block drop in log quick on igb1 inet6 from fc00::/7 to any label "Block ULA networks from CABLEMODEM block fc00::/7"
        [ Evaluations: 496      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132312]
      @79(1000108121) pass in on igb1 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out CABLEMODEM"
        [ Evaluations: 496      Packets: 14        Bytes: 4662        States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109132288]
      @80(1000108122) pass out on igb1 proto udp from any port = bootpc to any port = bootps keep state label "allow dhcp client out CABLEMODEM"
        [ Evaluations: 11610    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129192]
      @81(1000108141) pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
        [ Evaluations: 25576    Packets: 96        Bytes: 17256      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129168]
      @82(1000108142) pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
        [ Evaluations: 24        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129144]
      @83(1000108143) pass in on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
        [ Evaluations: 24        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129120]
      @84(1000108144) pass out on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"
        [ Evaluations: 12        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129096]
      @85(1000108145) pass out inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself"
        [ Evaluations: 25557    Packets: 8527      Bytes: 3926999    States: 1    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129072]
      @86(1000108146) pass out inet6 all flags S/SA keep state allow-opts label "let out anything IPv6 from firewall host itself"
        [ Evaluations: 11496    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129048]
      @87(1000108241) pass out route-to (igb0 192.168.1.1) inet from 192.168.1.3 to ! 192.168.1.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself"
        [ Evaluations: 11491    Packets: 55161    Bytes: 26719078    States: 51    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129024]
      @88(1000108242) pass out route-to (igb1 209.105.187.1) inet from 209.105.187.107 to ! 209.105.187.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself"
        [ Evaluations: 11510    Packets: 361403    Bytes: 263273902  States: 81    ]
        [ Inserted: pid 51068 State Creations: 18446735279109129000]
      @89(1000108551) pass in quick on igb2 proto tcp from any to (igb2:2) port = 56323 flags S/SA keep state label "anti-lockout rule"
        [ Evaluations: 25579    Packets: 18694    Bytes: 15216836    States: 12    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128976]
      @90(1000108551) pass in quick on igb2 proto tcp from any to (igb2:2) port = ssh flags S/SA keep state label "anti-lockout rule"
        [ Evaluations: 172      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128952]
      @91(0) anchor "userrules/      " all
        [ Evaluations: 25436    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128928]
      @92(1770001554) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_drop:713>to any label "USER_RULE: pfB_drop auto rule"
        [ Evaluations: 25422    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128904]
      @93(1770001850) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_dshield:40>to any label "USER_RULE: pfB_dshield auto rule"
        [ Evaluations: 496      Packets: 1        Bytes: 40          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128880]
      @94(1770001762) block drop in log quick on igb1 reply-to (igb1 209.105.187.1) inet from <pfb_ciarmy:583>to any label "USER_RULE: pfB_ciarmy auto rule"
        [ Evaluations: 495      Packets: 6        Bytes: 300        States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128856]
      @95(1770001554) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_drop:713>to any label "USER_RULE: pfB_drop auto rule"
        [ Evaluations: 18465    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128832]
      @96(1770001850) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_dshield:40>to any label "USER_RULE: pfB_dshield auto rule"
        [ Evaluations: 292      Packets: 1        Bytes: 44          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128808]
      @97(1770001762) block drop in log quick on igb0 reply-to (igb0 192.168.1.1) inet from <pfb_ciarmy:583>to any label "USER_RULE: pfB_ciarmy auto rule"
        [ Evaluations: 291      Packets: 5        Bytes: 268        States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128784]
      @98(1770001683) block return in log quick on igb2 inet from any to <pfb_drop:713>label "USER_RULE: pfB_drop auto rule"
        [ Evaluations: 14012    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128760]
      @99(1770001979) block return in log quick on igb2 inet from any to <pfb_dshield:40>label "USER_RULE: pfB_dshield auto rule"
        [ Evaluations: 13130    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128736]
      @100(1770001891) block return in log quick on igb2 inet from any to <pfb_ciarmy:583>label "USER_RULE: pfB_ciarmy auto rule"
        [ Evaluations: 13108    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128712]
      @101(1427224321) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto icmp all keep state label "USER_RULE: icmp pass in "
        [ Evaluations: 13910    Packets: 2        Bytes: 64          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128688]
      @102(1411148841) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.35.38 port = 27177 flags S/SA keep state label "USER_RULE: NAT "
        [ Evaluations: 285      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128664]
      @103(1411148841) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto udp from any to 192.168.35.38 port = 27177 keep state label "USER_RULE: NAT "
        [ Evaluations: 248      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128640]
      @104(1411148842) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.35.38 port = 27178 flags S/SA keep state label "USER_RULE: NAT "
        [ Evaluations: 144      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128616]
      @105(1411148842) pass in log quick on igb0 reply-to (igb0 192.168.1.1) inet proto udp from any to 192.168.35.38 port = 27178 keep state label "USER_RULE: NAT "
        [ Evaluations: 144      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128592]
      @106(1411148845) block drop in log quick on igb2 inet proto udp from any to ! (self:4) port = domain label "USER_RULE: block dns to everything "
        [ Evaluations: 13751    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128568]
      @107(1434217495) pass in log quick on igb2 inet proto udp from any to 192.168.35.1 port = domain keep state label "USER_RULE: Easy Rule: Passed from Firewall Log View"
        [ Evaluations: 2609      Packets: 4850      Bytes: 561641      States: 7    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128544]
      @108(1428682856) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet proto tcp from any to 192.168.1.1 flags S/SA keep state label "USER_RULE"
        [ Evaluations: 10932    Packets: 495      Bytes: 121805      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128520]
      @109(1428550679) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet proto icmp from any to 8.8.4.4 keep state label "USER_RULE"
        [ Evaluations: 10753    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128496]
      @110(1428550717) pass in log quick on igb2 route-to (igb1 209.105.187.1) inet proto icmp from any to 8.8.8.8 keep state label "USER_RULE"
        [ Evaluations: 1        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128472]
      @111(1411148846) pass in log quick on igb2 route-to (igb1 209.105.187.1) inet proto tcp from 192.168.35.0/24 to 192.168.100.1 flags S/SA keep state label "USER_RULE: cm"
        [ Evaluations: 10744    Packets: 51        Bytes: 14695      States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128448]
      @112(10000004) pass in log quick on igb2 inet from lockdsl:5to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
        [ Evaluations: 10748    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128424]
      @113(1424909563) pass in log quick on igb2 route-to (igb0 192.168.1.1) inet from lockdsl:5to any flags S/SA keep state label "USER_RULE: lock to dsl "
        [ Evaluations: 1838      Packets: 47739    Bytes: 25503130    States: 46    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128400]
      @114(10000005) pass in log quick on igb2 inet from 192.168.35.0/24 to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
        [ Evaluations: 9148      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128376]
      @115(1411148852) pass in log quick on igb2 route-to { (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1) } round-robin inet from 192.168.35.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
        [ Evaluations: 8558      Packets: 371584    Bytes: 266807427  States: 106  ]
        [ Inserted: pid 51068 State Creations: 18446735279109128352]
      @116(10000006) pass in log quick on igb2 inet from 192.168.35.0/24 to <negate_networks:0>flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
        [ Evaluations: 798      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128328]
      @117(1411148851) pass in log quick on igb2 route-to { (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb1 209.105.187.1), (igb0 192.168.1.1) } round-robin inet from 192.168.35.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
        [ Evaluations: 799      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128304]
      @118(1427224396) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto icmp from 8.8.8.8 to any keep state label "USER_RULE: icmp let in "
        [ Evaluations: 2195      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128280]
      @119(1417660864) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from 208.123.73.0/24 to any port = 56323 flags S/SA keep state label "USER_RULE: web interface "
        [ Evaluations: 489      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128256]
      @120(1417718273) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from 208.123.73.0/24 to any port = ssh flags S/SA keep state label "USER_RULE: SSH"
        [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128232]
      @121(1411148857) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from any to 192.168.35.38 port = 27177 flags S/SA keep state label "USER_RULE: NAT "
        [ Evaluations: 374      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279109128208]
      @122(1411148857) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto udp from any to 192.168.35.38 port = 27177 keep state label "USER_RULE: NAT "
        [ Evaluations: 115      Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745912]
      @123(1411148858) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto tcp from any to 192.168.35.38 port = 27178 flags S/SA keep state label "USER_RULE: NAT "
        [ Evaluations: 3        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745888]
      @124(1411148858) pass in log quick on igb1 reply-to (igb1 209.105.187.1) inet proto udp from any to 192.168.35.38 port = 27178 keep state label "USER_RULE: NAT "
        [ Evaluations: 3        Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745864]
      @125(0) anchor "tftp-proxy/*" all
        [ Evaluations: 13680    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745840]
      @126(0) anchor "miniupnpd" all
        [ Evaluations: 13693    Packets: 0        Bytes: 0          States: 0    ]
        [ Inserted: pid 51068 State Creations: 18446735279105745816]
      ![status_rrd_graph_img (3).png](/public/imported_attachments/1/status_rrd_graph_img (3).png)
      ![status_rrd_graph_img (3).png_thumb](/public/imported_attachments/1/status_rrd_graph_img (3).png_thumb)</negate_networks:0></negate_networks:0></lockdsl:5></negate_networks:0></lockdsl:5></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></pfb_ciarmy:583></pfb_dshield:40></pfb_drop:713></bogons:10></virusprot:0></webconfiguratorlockout:0></sshlockout:0></snort2c:0></snort2c:0>

      pfsense plus 25.03 super micro A1SRM-2558F
      C2558 32gig ECC  60gig SSD

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It's outbound, and given the ruleset you have, likely from the firewall itself making an outbound request. If your firewall has usable IPv6 that could have been several things – DNS, a pfSense package install/update, firmware update, etc.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • G
          grandrivers
          last edited by

          no i have NO ipv6 on either connection

          pfsense plus 25.03 super micro A1SRM-2558F
          C2558 32gig ECC  60gig SSD

          1 Reply Last reply Reply Quote 0
          • G
            grandrivers
            last edited by

            cable modem says ipv4 only
            dsl modem has not obtained any ipv6 info

            also should disabling ipv6 in advanced setting in pfsence have stopped all ipv6 traffic?

            pfsense plus 25.03 super micro A1SRM-2558F
            C2558 32gig ECC  60gig SSD

            1 Reply Last reply Reply Quote 0
            • G
              grandrivers
              last edited by

              when the traffic graph passes ipv6 seen a spike in the ping times sometimes as high as 10 seconds

              pfsense plus 25.03 super micro A1SRM-2558F
              C2558 32gig ECC  60gig SSD

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                The box stops IPv6 from entering all interfaces, IIRC, but it does not prevent it from leaving the firewall.

                The observed IPv6 traffic is likely a side effect or a symptom of whatever is causing that other delay, not the cause of it.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • G
                  grandrivers
                  last edited by

                  @jimp:

                  The observed IPv6 traffic is likely a side effect or a symptom of whatever is causing that other delay, not the cause of it.

                  true one connection uses the other as there backbone and to say its not good is an understatement
                  just thought i stumbled on a lead guess not

                  thanks for the help though

                  pfsense plus 25.03 super micro A1SRM-2558F
                  C2558 32gig ECC  60gig SSD

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.