WAN6 grey frame-No zone assigned. Bug? (SOLVED)

Hello everyone. I am using OpenWrt 19.07.1 r10911-c155900f66 / LuCI openwrt-19.07 branch git-20.029.45734-adbbd5c with TP-Link TL-WDR3500 v1.
After the current installation (19.07.1) I noticed a gray frame in the zones which in the previous versions and with the same setup/config did not exist.
I would like to ask if I am security-minded and I can just ignore it or do I need to modify my setup.

Τhank you very much and congratulations for your wonderful work

root@OpenWrt:~# cat /tmp/run/fw3.state
package fw3_state

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option __flags_v4 '0x180017'
	option __flags_v6 '0x180025'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option masq '0'
	option mtu_fix '0'
	option custom_chains '1'
	list device 'br-lan@lan'
	list __addrs '172.28.10.75'
	list __addrs '2a02:85f:XXX:XXX::1'
	list __addrs 'fd93:3255:352::1'
	list __addrs 'fe80::ea94:f6ff:fe47:bf6d'
	option __flags_v4 '0x896447'
	option __flags_v6 '0x90445'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option custom_chains '1'
	list device 'pppoe-wan@wan'
	list device 'eth1@wan6'
	list device 'pppoe-wan@wan_6'
	list __addrs '5.54.XXX.XX'
	list __addrs '2a02:85f:ff0a:xxxxxxxxxxxx:7db9'
	list __addrs 'fe80::fd5b:5645:6345:7db9'
	list __addrs 'fe80::ea94:f6ff:fe47:bf70'
	list __addrs '5.54.xxx.xx'
	list __addrs '2a02:85f:ff0a:4e9:fxxxxxxxxxxxxxx'
	list __addrs 'fe80::fd5b:5645:6345:7db9'
	option __flags_v4 '0x8a60c7'
	option __flags_v6 '0xa00c5'

What are you calling "grey frame". All is OK. You can even remove WAN6 interface, becuse you get ipv6 from pppoe-wan.

WAN_6 is a virtual interface.

As you can see in the old version this gray box didn't exist and this interface was part of the zone wan. If you tell me there is no problem I am ok with that. I just see it writing No Zone and I was worried

wan_6 seems to belong to the wan firewall zone, so it is more an aesthetic issue.

You can always verify by examining the firewall rules for IPv6. ip6tables-save -c | grep pppoe-wan
You will see something like this, among other lines

[9:1152] -A INPUT -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_input
[0:0] -A FORWARD -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_forward
[0:0] -A OUTPUT -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_output
1 Like
[989:109103] -A INPUT -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_input
[527:48223] -A FORWARD -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_forward
[25978:2554467] -A OUTPUT -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_output

Yes, that's exactly it. Whenever I'm okay. Thanks a lot for the quick answers

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.