Feedback on System Monitoring — Firewall Logs
- I assume that an Arrow in the interface field indicates that it is an outgoing rule (but that is not described)
- the defined rule
- incorrect tcp status (as shown in the log)
- not allowed IP options
- and perhaps other thinks
I have no idea if that kind of blocking is shown in the log and how the cause is indicated
My remarks above refer to visible / user defined rules. But there seems/my impression is that there are also predefined invisible rules. So I wonder if those rules can be made visible and if it is posible to show the result "block, pass or reject" can be made visible.
Hope this helps to improve documentation and perhaps the gui.
#1 Updated by Louis van Breda 2 months ago
Sorry for the remark on default rules. I noticed that the logfile settings have options for that.
Log packets matched from the default block rules in the ruleset
Log packets that are blocked by the implicit default block rule. - Per-rule logging options are still respected.
Log packets matched from the default pass rules put in the ruleset
Log packets that are allowed by the implicit default pass rule. - Per-rule logging options are still respected.