Cannot see logs of allowed traffic

eitancaspi · Post by **eitancaspi** » 2020/05/14 13:21:38

Hi,

I use firewalld 0.6.3 on CentOS 7.

I have one active zone, public, which its target is DROP and its config is:
target: DROP
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:

There are few rich rules of only allowing traffic, all end with " log level="info" accept ", and all working fine and transferring traffic as expected.
The log level for denied traffic is "off".

My issue is that in /var/log/messages - I see traffic only of one rule... the other rules are triggered, manually and periodically, like email sending and receiving - but these activities are not shown in the log...

I tried to enable full "denied" log but it didn't help.
I tried to do a complete reload of firewalld but it didn't help.
A server reboot didn't help.

Any ideas guys?