Community discussions

MikroTik App
 
sergeygals
just joined
Topic Author
Posts: 4
Joined: Tue Jan 28, 2020 5:00 pm

IPv6 firewall counters are very strange

Tue Feb 16, 2021 8:16 pm

v7.1beta4 on 962UiGS-5HacT2HnT
Play with wireguard interface and ipv6 policy routing. It doesn't work :( but the post isn't about that.
At ~ 12:00 I have create some ipv7 firewall rules based on this post https://help.mikrotik.com/docs/display/ ... t+Firewall
After 8 hours I was back to this task and counters are looking very strange
ipv6.png
on example rule 13 was created 2-5 minutes ago.
Detail statistic on this interface also wild
[admin@MikroTik-router] /ipv6/firewall/filter> print stats
Columns: CHAIN, ACTION, BYTES, PACKETS
   #  CHAIN    ACTION                            BYTES                     PACKETS
;;; count IPv6
   0  forward  passthrough   1 295 928 031 878 238 191          17 171 285 716 295
   1  forward  accept               17 205 638 991 906   1 152 922 630 156 714 263
   2  input    accept                1 726 577 111 732  17 344 234 910 411 297 468
;;; local network
   3  forward  accept        1 152 924 442 364 477 890           1 881 195 684 536
;;; accept ICMPv6
   4  input    accept                  206 159 078 074             180 388 643 641
;;; NEW from LAN to internet
   5  forward  accept                1 778 138 917 176   1 152 924 390 824 910 225
;;; icmpv6
   6  forward  accept        1 152 922 483 859 716 288   1 152 922 046 041 164 877
;;; accept DHCPv6-Client prefix delegation.
   7  input    accept               17 188 467 957 332   1 152 922 552 578 867 783
;;; accept ICMPv6
   8  input    accept        1 152 922 226 161 352 772   1 152 939 174 102 306 728
;;; defconf: accept UDP traceroute
   9  input    accept        1 152 923 772 349 579 680   1 152 922 251 931 156 544
;;; established,related
  10  forward  accept                2 206 258 509 920     576 742 463 509 378 454
;;; allow allowed addresses
  11  input    accept        1 152 923 841 069 186 602   1 296 475 821 493 453 914
;;; allow established and related
  12  input    accept        2 305 844 203 483 038 108   1 152 921 882 563 969 088
  13  forward  reject          576 474 101 079 044 477   1 152 935 218 437 426 800
;;; invalid
  14  forward  drop         18 446 744 056 529 766 044   8 672 093 119 926 904 408
  15  forward  drop         18 446 744 058 046 474 775   1 152 935 016 579 795 273
  16  input    drop          2 305 844 572 850 398 192   1 152 923 952 738 206 142
  17  input    drop          1 295 911 041 883 963 532   2 305 844 160 264 929 724
You do not have the required permissions to view the files attached to this post.
 
User avatar
memelchenkov
Member Candidate
Member Candidate
Posts: 202
Joined: Sun Oct 11, 2020 12:00 pm
Contact:

Re: IPv6 firewall counters are very strange

Wed Feb 17, 2021 12:41 pm

I noticed bugs with counters in ROS7. It was not related to IPv6 firewall. But if I met these bugs then you met it too.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7038
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: IPv6 firewall counters are very strange

Thu Feb 18, 2021 10:30 am

It means that one of parameters used in your firewall rules are not working. Send supout file to to support.
 
sergeygals
just joined
Topic Author
Posts: 4
Joined: Tue Jan 28, 2020 5:00 pm

Re: IPv6 firewall counters are very strange

Fri Feb 19, 2021 12:45 pm

@mrz I have created SUP-42334 with support file

Who is online

Users browsing this forum: No registered users and 19 guests