Text only | Text with Images

OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Taomyn on August 06, 2019, 11:57:20 AM

Title: How do I log all dropped incoming connections?
Post by: Taomyn on August 06, 2019, 11:57:20 AM
In order to diagnose issues, what's the best way to enable logging for all dropped inbound connections in the firewall?
Title: Re: How do I log all dropped incoming connections?
Post by: unipacket on August 07, 2019, 03:08:35 AM
Hi Taomyn,  I think dropped inbound connections are logged by default.  When opening the Live Log, I see connection attempts from the Internet and I did not create any rules for inbound traffic.
Title: Re: How do I log all dropped incoming connections?
Post by: Taomyn on August 07, 2019, 03:49:09 AM
Not for me, only rules I have enabled logging for appear. Perhaps it's different with a newer installation, but I've been through several major upgrades and it might have been different when I built the firewall.
Title: Re: How do I log all dropped incoming connections?
Post by: banym on August 07, 2019, 11:28:21 AM
Hello,

check what you have configured under: System: Settings: Logging

There are options called Log Firewall Default Blocks

Maybe it is turned off for what you want.

Regards,

Dominik
Title: Re: How do I log all dropped incoming connections?
Post by: Taomyn on August 12, 2019, 03:13:47 PM
Quote from: dzajac on August 07, 2019, 11:28:21 AM
Hello,

check what you have configured under: System: Settings: Logging

There are options called Log Firewall Default Blocks

Maybe it is turned off for what you want.

Regards,

Dominik


Thanks, that's what it was though it's now called "Log packets matched from the default block rules put in the ruleset " - I'll keep it enabled for now and see how disk space goes for the logs.
Text only | Text with Images