What is this network interface?

  • Hi,


    Sorry if this was already answered, but I didn't find the answer with Google.


    I'm a new OMV user and still discovering this software. On a fresh install on an x86 platform, version 6.3.4-1 (Shaitan), OMV has set up a virtual network interface named vethb14b8798 with IP 172.16.16.1; this IP isn't shown in the GUI, only the interface.


    I don't have Docker or any other virtualization/containerisation running on this machine and my LAN is 192.168.x.x based. Additionally, there is a list of rules in iptables that I never set up and that are not listed in the GUI; they look to be linked to this virtual interface.


    So my question is: what is the purpose of this interface? Can it be removed? Same question for these iptables rules.


    Below is the output of my iptables-save; I added only the rules in lines 8 to 37:

    1. # Generated by iptables-save v1.8.7 on Sun Mar 19 01:37:45 2023
    2. *filter
    3. :INPUT ACCEPT [3:156]
    4. :FORWARD ACCEPT [0:0]
    5. :OUTPUT ACCEPT [3503:1762309]
    6. :CNI-ADMIN - [0:0]
    7. :CNI-FORWARD - [0:0]
    8. -A INPUT -s 192.168.0.0/16 -p icmp -j ACCEPT
    9. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
    10. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 443 -j ACCEPT
    11. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    12. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 3670 -j ACCEPT
    13. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 137 -j ACCEPT
    14. -A INPUT -s 192.168.100.0/24 -p udp -m udp --dport 137:138 -j ACCEPT
    15. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
    16. -A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
    17. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
    18. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 443 -j ACCEPT
    19. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    20. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 3670 -j ACCEPT
    21. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 137 -j ACCEPT
    22. -A INPUT -s 192.168.101.0/24 -p udp -m udp --dport 137:138 -j ACCEPT
    23. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
    24. -A INPUT -s 192.168.101.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
    25. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
    26. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 443 -j ACCEPT
    27. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    28. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 3670 -j ACCEPT
    29. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 137 -j ACCEPT
    30. -A INPUT -s 192.168.250.0/24 -p udp -m udp --dport 137:138 -j ACCEPT
    31. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
    32. -A INPUT -s 192.168.250.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
    33. -A INPUT -s 192.168.105.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    34. -A INPUT -s 192.168.110.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    35. -A INPUT -s 192.168.254.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
    36. -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    37. -A INPUT -j DROP
    38. -A FORWARD -m comment --comment "CNI firewall plugin rules" -j CNI-FORWARD
    39. -A CNI-FORWARD -m comment --comment "CNI firewall plugin admin overrides" -j CNI-ADMIN
    40. -A CNI-FORWARD -d 172.16.16.12/32 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    41. -A CNI-FORWARD -s 172.16.16.12/32 -j ACCEPT
    42. COMMIT
    43. # Completed on Sun Mar 19 01:37:46 2023
    44. # Generated by iptables-save v1.8.7 on Sun Mar 19 01:37:46 2023
    45. *nat
    46. :PREROUTING ACCEPT [0:0]
    47. :INPUT ACCEPT [0:0]
    48. :OUTPUT ACCEPT [0:0]
    49. :POSTROUTING ACCEPT [0:0]
    50. :CNI-6db8a19062897a12ab5f624d - [0:0]
    51. :CNI-DN-6db8a19062897a12ab5f6 - [0:0]
    52. :CNI-HOSTPORT-DNAT - [0:0]
    53. :CNI-HOSTPORT-MASQ - [0:0]
    54. :CNI-HOSTPORT-SETMARK - [0:0]
    55. -A PREROUTING -m addrtype --dst-type LOCAL -j CNI-HOSTPORT-DNAT
    56. -A OUTPUT -m addrtype --dst-type LOCAL -j CNI-HOSTPORT-DNAT
    57. -A POSTROUTING -m comment --comment "CNI portfwd requiring masquerade" -j CNI-HOSTPORT-MASQ
    58. -A POSTROUTING -s 172.16.16.12/32 -m comment --comment "name: \"podman\" id: \"8c5d3b0a9616a6e3be969fb733bf2becfd331056756e7599826c1c0f3549d67d\"" -j CNI-6db8a19062897a12ab5f624d
    59. -A CNI-6db8a19062897a12ab5f624d -d 172.16.16.0/24 -m comment --comment "name: \"podman\" id: \"8c5d3b0a9616a6e3be969fb733bf2becfd331056756e7599826c1c0f3549d67d\"" -j ACCEPT
    60. -A CNI-6db8a19062897a12ab5f624d ! -d 224.0.0.0/4 -m comment --comment "name: \"podman\" id: \"8c5d3b0a9616a6e3be969fb733bf2becfd331056756e7599826c1c0f3549d67d\"" -j MASQUERADE
    61. -A CNI-DN-6db8a19062897a12ab5f6 -s 172.16.16.0/24 -p tcp -m tcp --dport 3670 -j CNI-HOSTPORT-SETMARK
    62. -A CNI-DN-6db8a19062897a12ab5f6 -s 127.0.0.1/32 -p tcp -m tcp --dport 3670 -j CNI-HOSTPORT-SETMARK
    63. -A CNI-DN-6db8a19062897a12ab5f6 -p tcp -m tcp --dport 3670 -j DNAT --to-destination 172.16.16.12:8443
    64. -A CNI-HOSTPORT-DNAT -p tcp -m comment --comment "dnat name: \"podman\" id: \"8c5d3b0a9616a6e3be969fb733bf2becfd331056756e7599826c1c0f3549d67d\"" -m multiport --dports 3670 -j CNI-DN-6db8a19062897a12ab5f6
    65. -A CNI-HOSTPORT-MASQ -m mark --mark 0x2000/0x2000 -j MASQUERADE
    66. -A CNI-HOSTPORT-SETMARK -m comment --comment "CNI portfwd masquerade mark" -j MARK --set-xmark 0x2000/0x2000
    67. COMMIT
    68. # Completed on Sun Mar 19 01:37:46 2023

    Thank you for your support.

    • Official Post

    OMV has set up a virtual network interface named vethb14b8798 with IP 172.16.16.1; this IP isn't shown in the GUI, only the interface.

    That is generally a docker interface.

    I don't have docker or any other virtualization/containerisation running on this machine

    Do you have the filebrowser, onedrive, owntone, or photoprism plugin installed? They use podman which creates the same type of interface.

    omv 7.0.5-1 sandworm | 64 bit | 6.8 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.13 | compose 7.1.4 | k8s 7.1.0-3 | cputemp 7.0.1 | mergerfs 7.0.4


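
    Added example (not part of the thread): a small Python audit of `iptables-save` output that names the CNI network behind the unexpected chains and lists the host ports it forwards. The helper names `parse_rules`, `opt` and `audit` are hypothetical, and the sample input is a constructed subset of the listing in the question. Because DNAT'd packets are routed through FORWARD rather than INPUT, it also reports which INPUT source restrictions on the same port do not apply to the forwarded traffic.

```python
import re
import shlex

# Constructed sample: a subset of the iptables-save lines quoted in the question.
SAMPLE = r'''
*filter
-A INPUT -s 192.168.100.0/24 -p tcp -m tcp --dport 3670 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -m comment --comment "CNI firewall plugin rules" -j CNI-FORWARD
COMMIT
*nat
-A CNI-DN-6db8a19062897a12ab5f6 -p tcp -m tcp --dport 3670 -j DNAT --to-destination 172.16.16.12:8443
-A CNI-HOSTPORT-DNAT -p tcp -m comment --comment "dnat name: \"podman\" id: \"8c5d3b0a9616a6e3be969fb733bf2becfd331056756e7599826c1c0f3549d67d\"" -m multiport --dports 3670 -j CNI-DN-6db8a19062897a12ab5f6
COMMIT
'''

def parse_rules(text):
    """Yield (table, chain, tokens) for each '-A' line of iptables-save output."""
    table = None
    for raw in text.splitlines():
        line = re.sub(r"^\s*\d+\.\s+", "", raw).strip()  # drop forum line numbers
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith("-A "):
            tokens = shlex.split(line)  # handles the escaped quotes in --comment
            yield table, tokens[1], tokens[2:]

def opt(tokens, flag):
    """Return the value following `flag`, or None if the flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens else None

def audit(text):
    """Report which CNI network owns the rules and which host ports it forwards."""
    rules = list(parse_rules(text))
    networks, forwards = set(), []
    for table, chain, tok in rules:
        comment = opt(tok, "--comment") or ""
        if 'name: "' in comment:
            networks.add(comment.split('name: "')[1].split('"')[0])
        if table == "nat" and opt(tok, "-j") == "DNAT":
            forwards.append({"host_port": opt(tok, "--dport"),
                             "container": opt(tok, "--to-destination")})
    for fwd in forwards:
        # DNAT'd packets are routed through FORWARD, so these INPUT source
        # restrictions on the same port never see the forwarded traffic.
        fwd["input_sources_not_applied"] = [
            opt(tok, "-s") for table, chain, tok in rules
            if table == "filter" and chain == "INPUT"
            and opt(tok, "--dport") == fwd["host_port"]]
    return {"networks": sorted(networks), "forwards": forwards}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

    Feeding it the full listing from the question, line numbers included, works as well, since the parser strips the leading `N. ` prefixes.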

  • chente

    Added the label "solved".
  • chente

    Added the label "OMV 6.x".
