Last modified at 11/2/2013 11:47 AM by Koen Zomers

If you have a pfSense box running with IPv6 enabled, you might notice that your pfSense firewall logs many link local to IPv6 multicast packets (ff02::/28). 

pfSense-PreventMulticastFromFloodingLogs-LogSample.png   
This happens because these are caught by the default deny rule in pfSense. In order to prevent these packets from flooding your logs, you can add a firewall rule which represents these specific packets and prevents them from falling into the default deny rule thus being logged.

In order to add this rule, follow these steps:

  1. Log on to the webserver of your pfSense box
  2. In the top menu, go to Firewall -> Rules
  3. Go to the Floating tab
  4. Click on the little + icon at the right bottom to add a new rule
  5. Fill in the form as shown on the screenshot below (click on it to enlarge). At Interface, select the network(s) from which you are receiving these multicast packets (will be different on your box compared to the screenshot below). Once done click Save at the bottom.

    pfSense-PreventMulticastFromFloodingLogs-AddRule.png
  6. Click the Apply changes button at the top to apply the new rule. You should now no longer see the packets appear in your firewall logs.

    pfSense-PreventMulticastFromFloodingLogs-ApplyChanges.png