Firewall being swamped by IPv6 RFC4890 requirements (ICMP) items.

Started by edmscan, August 24, 2024, 05:59:11 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 24, 2024, 05:59:11 AM
I have been having issue with the firewall having a ton of these items "IPv6 RFC4890 requirements (ICMP)" in the Firewall Live view. I installed Unbound and IDS / IPS recently as well as Ntopng and Redis. I am not 100% sure what is causing it.

Any assistance would be appreciated or do I just ignore it ?

Thanks

August 24, 2024, 01:15:58 PM #1
You obviously enabled logging of default pass rules under:  Firewall: Settings: Advanced -> Logging

Usually, those are not very interesting. You can look at the details of these packets to find which client(s) is/are causing them and what specifically are the requests.

E.g., ICMP does not have to be ping, it can also be neighbour discovery, which is perfectly normal.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
August 24, 2024, 10:37:25 PM #2
Thanks. I can filter them from the live log view but I cannot eliminate them from the Firewall view in the dashboard. I guess it is what it is. If I disable it .. then my firewall live view shows nothing.
August 25, 2024, 07:58:10 AM #3 Last Edit: August 25, 2024, 08:00:57 AM by meyergru
Yes, you can and I already told you, where the setting is, see attached picture. And if your firewall log does not show anything else, then either that is a good thing (tm), or you have not enabled logging for "default block" or your specific rules at all or you are behind CG NAT or have double NAT of some kind such that you are not being scanned or you do not see it.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
Print
Go Up Pages1
User actions