Opened 3 years ago

#18614 new defect

fw3 firewall doesn't create log rules for dropped traffic in a zone (only logs rejected traffic)

Reported by: anonymous
Owned by: developers
Priority: normal
Milestone:
Component: base system
Version: Trunk
Keywords: fw3, firewall
Cc:

Description

According to the wiki, enabling "option log 1" does "create log rules for rejected and dropped traffic in this zone".

However, it only seems to create a LOG rule for rejected traffic, not for dropped traffic:

config zone
	option name		lan2
	list network		'lan2'
	option input		ACCEPT
	option output		ACCEPT
	option forward		REJECT
	option log		'1'

Chain zone_lan2_dest_REJECT (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
    0     0 reject     all  --  *      vlan20  0.0.0.0/0            0.0.0.0/0

root@OpenWrt:/tmp# iptables -L -v -n|fgrep -i log
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
root@OpenWrt:/tmp# 
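
One way to check the behaviour reported above per chain rather than with a single fgrep, as an added example that is not part of the original ticket or of fw3: it reads `iptables -L -v -n` output and reports, for each zone chain ending in `_REJECT` or `_DROP`, whether it holds a LOG rule. The function names are hypothetical, and the `zone_wan_src_DROP` chain in the sample is constructed on the assumption that drop chains follow the naming of the reject chain shown in the ticket.

```shell
#!/bin/sh
# Added example: audit fw3 zone chains for a LOG rule.
# Expects the column layout of `iptables -L -v -n` (target is the 3rd field).

audit_log_rules() {
    awk '
        # Emit the verdict for the chain that has just ended.
        function report() {
            if (chain != "") print chain, (logged ? "LOGGED" : "NOT_LOGGED")
        }
        $1 == "Chain" {
            report()
            # Track only zone chains that end in a REJECT or DROP verdict.
            chain = ($2 ~ /^zone_.*_(REJECT|DROP)$/) ? $2 : ""
            logged = 0
            next
        }
        chain != "" && $3 == "LOG" { logged = 1 }
        END { report() }
    '
}

# Sample input: the first chain is the one from the ticket, the second chain
# is constructed for illustration (assumed name, no LOG rule in front of DROP).
sample_ruleset() {
    cat <<'EOF'
Chain zone_lan2_dest_REJECT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
    0     0 reject     all  --  *      vlan20  0.0.0.0/0            0.0.0.0/0

Chain zone_wan_src_DROP (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  eth1   *       0.0.0.0/0            0.0.0.0/0
EOF
}

sample_ruleset | audit_log_rules
```

On a router, `iptables -L -v -n | audit_log_rules` runs the same check against the live ruleset.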
