[SOLVED] pve-firewall log

nodea · Jun 17, 2024

Hi
is there anyway to disable ipv6 logging on a LXC firewall (unprivileged container)? The container doesn't have ipv6 enabled and it begins log flooding.

shanreich · Jun 18, 2024

What kind of logging do you have activated? Is it for a specific rule or generic in / out logging?

nodea · Jun 19, 2024

I've enabled a "drop all" with logging as last rule rules on every stage. I don't use ipv6 at all an still getting ipv6 multicast, unpnp, etc. entries in log. All ipv4 'default' rules are covered.

cat /etc/pve/firewall/cluster.fw

Code:

[...]
IN DROP -log warning

cat /etc/pve/nodes/pve/host.fw

Code:

[...]
IN DROP -log warning

cat /etc/pve/firewall/140.fw

Code:

[...]
IN DROP -log warning

shanreich · Jun 19, 2024

You might be able to circumvent that by using 0.0.0.0/0 as source or destination address in the logging rule, then it should only match IPv4 traffic.

nodea · Jun 19, 2024

Thank you Stefan

Search

Search

[SOLVED] pve-firewall log

nodea

New Member

shanreich

Proxmox Staff Member

nodea

New Member

shanreich

Proxmox Staff Member

nodea

New Member

We value your privacy