New VLAN & Firewall rules but no traffic, how to resolve?
Dear Experts, I am facing some difficulties. Originally, I have one WAN and LAN and am monitoring them using Suricata. But now, we would like to expand the monitoring to more VLANs, and I am trying to add 3 more with firewall rules opened.
Unfortunately, after a while I am still not able to see any traffic flowing through. Is there any configuration I missed out? Like entering the IP address we wish to monitor? Or are the firewall rules blocking, or could it be logging is not turned on and configured properly?
![Suricata_Firewall rules.PNG](/public/imported_attachments/1/Suricata_Firewall rules.PNG)
> could it be logging is not turned on and configured properly?
Logging has nothing to do with the states data that you see in that screenshot. Logging is referring to System Logs. 0/0B simply means there is no packet hitting that rule.
Seems you have nothing on this VLAN if your top rule any any has no hits… With that 0/0 but without seeing the rest of the rule it's not possible to tell if they would have actually triggered. Since I cannot see the dest side of the rule. But pretty much anything below an any source is kind of pointless -- depending on the dest.