I have been wondering why turning off “log dropped input packets” doesn’t stop logging input packets.
Is the wiki.ipfire.org - Firewall Options
Log dropped input packets
Packets which have been dropped by the firewall input chain get logged. With this feature you can switch on/off the logging of them.
Here are my Firewall options:
and here are incoming logs on RED:
Any update on this?
I found that “Log dropped outgoing packets” appears to override the “Log rule” setting on the Firewall Rule itself.
James, could you post a screenshot?
It will take me a little while to get screen shots but what I found is this…
If I turn off ‘Log dropped outgoing packets’ but have logging turned on at the Rule level, the dropped packets for that rule don’t get logged. The reverse is also true, i.e. if ‘Log dropped outgoing packets’ is turned on but the Rule is turned off, the dropped packets get logged.
I’m trying to be selective about which ports get logged and which don’t.
Sounds like the specific rule does not match at all.
The switch “Log dropped outgoing packets” is for the default policy rule after all other rules are executed. A packet that has matched a rule before will not reach this and should not be logged by this.
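A simplified model of the evaluation order described in the last reply, as an added example that is not part of the thread or of IPFire's own code. The `Rule` class, the `evaluate` function, the port numbers and the default DROP policy are assumptions made for illustration; it shows that a packet which misses every rule is logged only according to the policy switch, whatever the per-rule setting says.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    dport: int    # destination port the rule matches (constructed sample value)
    action: str   # "DROP" or "ACCEPT"
    log: bool     # models the per-rule "Log rule" checkbox


def evaluate(rules: List[Rule], dport: int,
             log_dropped_policy: bool) -> Tuple[str, Optional[str]]:
    """Return (verdict, log source) for one packet.

    The first matching rule decides the verdict and whether that rule logs.
    Only a packet that matched no rule reaches the default policy (assumed
    DROP here), where the global "Log dropped ... packets" switch applies.
    """
    for index, rule in enumerate(rules):
        if rule.dport == dport:
            return rule.action, (f"rule {index}" if rule.log else None)
    return "DROP", ("policy" if log_dropped_policy else None)


# Constructed rule set: one logged drop, one silent drop.
RULES = [
    Rule(dport=25, action="DROP", log=True),
    Rule(dport=23, action="DROP", log=False),
]

if __name__ == "__main__":
    for switch in (False, True):
        for port in (25, 23, 2525):
            verdict, source = evaluate(RULES, port, switch)
            print(f"policy-log={switch!s:5} dport={port:<5} "
                  f"{verdict} logged-by={source}")
```

In this model the packet to port 2525 behaves the way the symptom in the thread does: its logging follows the global switch alone, because no rule matched it.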