Cannot see logs of allowed traffic
Posted: 2020/05/14 13:21:38
Hi,
I use firewalld 0.6.3 on CentOS 7.
I have one active zone, public, which its target is DROP and its config is:
target: DROP
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
There are few rich rules of only allowing traffic, all end with " log level="info" accept ", and all working fine and transferring traffic as expected.
The log level for denied traffic is "off".
My issue is that in /var/log/messages - I see traffic only of one rule... the other rules are triggered, manually and periodically, like email sending and receiving - but these activities are not shown in the log...
I tried to enable full "denied" log but it didn't help.
I tried to do a complete reload of firewalld but it didn't help.
A server reboot didn't help.
Any ideas guys?
I use firewalld 0.6.3 on CentOS 7.
I have one active zone, public, which its target is DROP and its config is:
target: DROP
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
There are few rich rules of only allowing traffic, all end with " log level="info" accept ", and all working fine and transferring traffic as expected.
The log level for denied traffic is "off".
My issue is that in /var/log/messages - I see traffic only of one rule... the other rules are triggered, manually and periodically, like email sending and receiving - but these activities are not shown in the log...
I tried to enable full "denied" log but it didn't help.
I tried to do a complete reload of firewalld but it didn't help.
A server reboot didn't help.
Any ideas guys?