Hi,
I see a block action on my WAN interface in the firewall live view without a label which I didn't setup myself.
I don't have any rules in the firewall to block on the WAN interface, just the default.
Firewall settings are setup to only log packets blocked by Bogons and Private Networks.
So my confusion is: where does this block come from?
You lopped off the info button in your image (on the far right, normally)(and the opposite port). Is it present? What does it indicate? The popup also offers a rule link which may (or may not) be useful.
Quote from: locus on March 02, 2026, 10:16:33 AMSo my confusion is: where does this block come from?
Default Block Rule because it's traffic none of your Clients need/generated ?!
@pfry
The detailed rule info does not give anymore info. See screenshot
@nero355
Maybe, but how if I disabled the logging of matched default block rules?
Quote from: locus on March 03, 2026, 05:02:38 PM[...]The detailed rule info does not give anymore info.[...]
"Reason: ip-option". You may not even be hitting a rule. Also, is pppoe0 your "WAN"?
pf has 3 spots dropping packets due to "PFRES_IPOPTIONS" and all of them have a "misc" debug message if you want to investigate. The IPv6 routing header seems to be a good offender ;)
Thank you all for the pointers, I will keep an eye on my logs!
For this moment I can say that the external IPv6 address belongs to a company SolarEdge, a producer of PV panels, I have SolarEdge PV panels on my roof connected to an inverter. I don't understand why they initiate a connection to my solarenergy inverter. That should not happen in my view.