Estou vendo entradas de diário como as seguintes, que aparecem em intervalos regulares de quatro segundos:
Jan 22 19:31:00 tara kernel: OUT-global:IN= OUT=enp3s0f2 SRC=fe80:0000:0000:0000:56e4:c37c:30cc:668f DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=158870 PROTO=ICMPv6 TYPE=133 CODE=0
Jan 22 19:31:04 tara kernel: OUT-global:IN= OUT=enp3s0f2 SRC=fe80:0000:0000:0000:56e4:c37c:30cc:668f DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=158870 PROTO=ICMPv6 TYPE=133 CODE=0
Jan 22 19:31:08 tara kernel: OUT-global:IN= OUT=enp3s0f2 SRC=fe80:0000:0000:0000:56e4:c37c:30cc:668f DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=158870 PROTO=ICMPv6 TYPE=133 CODE=0
Jan 22 19:31:12 tara kernel: OUT-global:IN= OUT=enp3s0f2 SRC=fe80:0000:0000:0000:56e4:c37c:30cc:668f DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=158870 PROTO=ICMPv6 TYPE=133 CODE=0
RFC4890 - Recomendações para filtrar mensagens ICMPv6 em firewall lista Router Solicitation (Type 133)
em Section 4.4.1 - Traffic That Must Not Be Dropped
.
Mas parece que minha configuração está de fato caindo neles.
Meus iptables são gerados por firehol
, configurado assim:
version 6
# ssh on port 5090 (ssh is a built-in service name)
server_ssh_hidden_ports="tcp/5090"
client_ssh_hidden_ports="default"
# mosh
server_mosh_ports="udp/60001:60020" # Mosh uses 60001 to 60999 counting up
client_mosh_ports="default"
# NoMachine (nxserver is a built-in, but seemingly on incorrect ports)
server_nomachine_ports="tcp/4000"
client_nomachine_ports="default"
# Deluge
server_deluge_ports="tcp/8112"
client_deluge_ports="default"
# Zerotier-one
interface zt0 zerotier
policy reject # be nicer than default "drop" on internal network
protection strong
server "ssh_hidden mosh" accept with limit 8/min 10 # rate/period [burst]
server "nomachine deluge" accept with limit 8/min 10 # rate/period [burst]
#server "ssh_hidden nomachine" accept with recent recent-zerotier 30 6 # name, seconds, attempts per period
client all accept
# All interfaces - look at fallthrough if putting this non-last as it didn't work without it
interface any global
protection strong
server ssh_hidden accept with limit 8/min 10
client all accept
Como faço para remover essas mensagens de log ruidosas?