
firewalld logging NAT rules

Posted: 2015/12/15 11:06:52
by alffonsse
Hi,

I have been fighting with firewalld for a few hours now.
I'm trying to have firewalld log the access on my NAT rules, but when I check /var/log/messages nothing appears.
Here is my NAT rule:

Code:

rule family="ipv4" source address="XX.XX.XXX.XXX" forward-port port="80" protocol="tcp" to-port="80" to-addr="192.168.250.2" log prefix="IIS_ACCEPT" level="info"

And here is the rule to open the SSH port, which is logging correctly:

Code:

rule family="ipv4" source address="XX.XX.XXX.XXX" port port="22" protocol="tcp" log prefix="SSH_ACCEPT " level="info" accept

What did I do wrong? Is there a special way to log the NAT rules?

Thanks in advance for your help,
Alffonsse

Re: firewalld logging NAT rules

Posted: 2015/12/15 17:13:09
by aks
Doesn't firewalld log to /var/log/firewalld by default?
AFAIK, the only thing that can be logged at the moment is on the INPUT chain.