Rules for Orange-DMZ server outgoing traffic logging

Hi, I need to log outgoing traffic of the server in the DMZ. According to

  1. I will change Default firewall behaviour of Forward to Blocked?
  2. What rules should I create to replace the default rule set?
  3. I will enable logging on one of the new rules OrangeRed?



Welcome to the IPFire community. 🙂

Yes. While not strictly necessary for your task, it is always a good idea to do so.

Well, you will have to set up firewall rules permitting the traffic your DMZ machines will need. Ports 80 and 443 for fetching updates (unless you run a local mirror server in your network) are commonly needed as destination ports.

Yes. That’s just a checkbox to enable for the firewall rules in question.

Thanks, and best regards,
Peter Müller