OPNsense Forum
English Forums => General Discussion => Topic started by: mflammia on March 31, 2024, 11:20:32 pm
-
Not sure if this is normal, or an issue.
I am currently trying to diagnose an issue reaching the firewall. When looking at the firewall logs all I see are entries for traffic that the firewall is sending and receiving itself. The logging is enabled to " Log packets matched from the default block rules put in the ruleset".
I found the only way to see all the traffic, including Deny, is go to Firewall -> Diagnostics -> States -> Actions and Reset State Table and Reset Source Tracking.
This only works for a very short time, the reverts back to how it was.
The same goes for doing a PCAP on the WAN interface. Until I reset both these states I only see what I see in the logs i.e. just traffic that the firewall processes, not all traffic.
I can see why this might be, since the junk traffic might be overwhelming? What I am not sure is if this it normal, or if I can turn it off so I might accurately debug, see all traffic in logs and PCAP's without having to keep resetting all the time?
I am on version OPNsense 23.10.3-amd64, on official OPNSense hardware.
Many thanks in advance.