Logs and PCAPs missing data until clearing Diagnostics, States, Actions

[mflammia]

Not sure if this is normal, or an issue.

I am currently trying to diagnose an issue reaching the firewall. When looking at the firewall logs all I see are entries for traffic that the firewall is sending and receiving itself. The logging is enabled to " Log packets matched from the default block rules put in the ruleset".

I found the only way to see all the traffic, including Deny, is go to Firewall -> Diagnostics -> States -> Actions and Reset State Table and Reset Source Tracking.

This only works for a very short time, the reverts back to how it was.

The same goes for doing a PCAP on the WAN interface. Until I reset both these states I only see what I see in the logs i.e. just traffic that the firewall processes, not all traffic.

I can see why this might be, since the junk traffic might be overwhelming? What I am not sure is if this it normal, or if I can turn it off so I might accurately debug, see all traffic in logs and PCAP's without having to keep resetting all the time?

I am on version OPNsense 23.10.3-amd64, on official OPNSense hardware.

Many thanks in advance.