16
General Discussion / Potential 20.7 FreeBSD 12 regression with ICMPv6 - Sensei? [FIXED]
« on: July 10, 2020, 04:15:37 pm »
In order to comply with RFC 4890 - Recommendations for Filtering ICMPv6 Messages in Firewalls, in 20.1, I allowed the following ICMP traffic:
https://tools.ietf.org/html/rfc4890#section-4.3.1
I set them in Rules > WAN. cf. attachment
Authorizing this traffic allowed me to get 20/20 at the IPv6 test: ipv6-test.com/
A few weeks ago, I migrated to 20.7.b_181 with the FreeBSD 12 kernel (fresh install). Now, I noticed, that despite having these ICMP whitelisting rules enabled, I have been down graded to 18/20, because this ICMP specific traffic wasn't allowed to pass through anymore :/
Can anyone confirm this issue? I have Sensei installed, maybe the reason?
https://tools.ietf.org/html/rfc4890#section-4.3.1
I set them in Rules > WAN. cf. attachment
Authorizing this traffic allowed me to get 20/20 at the IPv6 test: ipv6-test.com/
A few weeks ago, I migrated to 20.7.b_181 with the FreeBSD 12 kernel (fresh install). Now, I noticed, that despite having these ICMP whitelisting rules enabled, I have been down graded to 18/20, because this ICMP specific traffic wasn't allowed to pass through anymore :/
Can anyone confirm this issue? I have Sensei installed, maybe the reason?