#18614: fw3 firewall doesn't create log rules for dropped traffic in a zone (only logs rejected traffic)
---------------------------+------------------------
Reporter: anonymous | Owner: developers
Type: defect | Status: new
Priority: normal | Milestone:
Component: base system | Version: Trunk
Keywords: fw3, firewall |
---------------------------+------------------------
According to the wiki, enabling "option log 1" does "create log rules for
rejected and dropped traffic in this zone".
However, it only seems to create a LOG rule for rejected traffic, not for
dropped traffic:
{{{
config zone
    option name lan2
    list network 'lan2'
    option input ACCEPT
    option output ACCEPT
    option forward REJECT
    option log '1'
}}}
{{{
Chain zone_lan2_dest_REJECT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
    0     0 reject     all  --  *      vlan20  0.0.0.0/0            0.0.0.0/0
}}}
{{{
root@OpenWrt:/tmp# iptables -L -v -n|fgrep -i log
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
root@OpenWrt:/tmp#
}}}
--
Ticket URL: <https://dev.openwrt.org/ticket/18614>
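A way to check a router for the behaviour reported in this ticket, as an added example that is not part of the original ticket or of fw3: the function reads `iptables -L -v -n` output on stdin and prints every zone chain ending in `_REJECT` or `_DROP` that contains no LOG rule. The sample listing is constructed; the `zone_lan2_dest_DROP` chain name is an assumption that follows the naming of the REJECT chain shown in the ticket.

```shell
#!/bin/sh
# Added example: audit fw3 zone chains for missing LOG rules.

# Reads `iptables -L -v -n` output on stdin and prints the name of each
# zone_*_REJECT / zone_*_DROP chain that has no rule with target LOG.
unlogged_zone_chains() {
    awk '
        # Emit the chain we just finished reading if it had no LOG rule.
        function report() {
            if (chain != "" && !logged) print chain
        }
        /^Chain / {
            report()
            chain = ""; logged = 0
            # Track only zone chains whose name ends in _REJECT or _DROP.
            if ($2 ~ /^zone_.*_(REJECT|DROP)$/) chain = $2
            next
        }
        # With -v the columns are: pkts bytes target ..., so target is $3.
        chain != "" && $3 == "LOG" { logged = 1 }
        END { report() }
    '
}

# Constructed sample: the REJECT chain from the ticket plus an assumed
# DROP chain for the same zone that carries no LOG rule.
sample_listing() {
    cat <<'EOF'
Chain zone_lan2_dest_REJECT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "REJECT(dest lan2)"
    0     0 reject     all  --  *      vlan20  0.0.0.0/0            0.0.0.0/0

Chain zone_lan2_dest_DROP (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      vlan20  0.0.0.0/0            0.0.0.0/0
EOF
}

# On a router: iptables -L -v -n | unlogged_zone_chains
sample_listing | unlogged_zone_chains
```

An empty result means every REJECT and DROP zone chain in the listing has a LOG rule; zones without `option log '1'` will also be listed, so compare the output against the zones where logging is enabled.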