Actions
Feature #12625
openGranular logging options for default firewall rules.
Status:
New
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Description
Allow the user to control which default firewall rules get logged. Currently, there are checkboxes for:
- default block
- default pass
- Block Bogon Networks
- Block Private Networks
- IPv6 ICMP
# IPv6 ICMP is not auxiliary, it is required for operation # Allow only bare essential icmpv6 packets (NS, NA, and RA, echoreq, echorep)
- Captive Portal
# Captive portal
- PPTP Client
# allow PPTP client
- IPv6 Border Relay
# allow our proto 41 traffic from the 6RD border relay in # allow our proto 41 traffic from the 6to4 border relay in
- Loopback
# loopback # Allow IPv6 on loopback
- Firewall host outbound
# let out anything from the firewall host itself and decrypted IPsec traffic
- Anti-lockout
# make sure the user cannot lock himself out of the webConfigurator or SSH
- Bypass for static routes
# Add rules to bypass firewall rules for static routes
- Miniupnp
# pass multicast traffic to miniupnpd
- CARP
# CARP rules
- DHCP
# Add Priority to dhcp6c packets if enabled # allow our DHCP client out to the {$oc['descr']} # allow our DHCPv6 client out to the {$oc['descr']} # allow access to DHCP server on {$oc['descr']} # allow access to DHCP failover on {$oc['descr']} from {$config['dhcpd'][$on]['failover_peerip']} # allow access to DHCP relay on {$oc['descr']} # allow access to DHCPv6 server on {$oc['descr']}
No data to display
Actions