Odd FW logging inconsistency
-
Hi,
I have a large number or port forwards in a 1.2.2 install and everything works perfectly.
I was doing some basic checking back and forth and switched on logging on 4 rules in WAN section (created by NAT and working). All are identical apart from internal target IP and all shows up with a nice blue mark in the GUI.
Oddly enough only 3 of those FW rules are logging and showing up in system logs | firewall.
I have double checked all settings, all is working, I can test grc.com or log on to my shell and test manuelly - nothing - one of the rules (SMTP port 25) is simply not logging.
I do a finger - logged
I do a smtp connect - nothing
I do a finger - logged again…I can be sitting logged in using the shell, typing commands, re-connecting, nothing still ends up in system log for the firewall on that particular port when refreshing log viewer.
Can anyone help me get a clue on this one?
TIA
-
you could try
@http://forum.pfsense.org/index.php/topic:What a tcpdump on my Lan nic shows when i try from a outside connection
tcpdump -t -i vr0 port 3333
and maybe search in http://192.168.1.1/status.php
-
you could try
@http://forum.pfsense.org/index.php/topic:What a tcpdump on my Lan nic shows when i try from a outside connection
tcpdump -t -i vr0 port 3333
and maybe search in http://192.168.1.1/status.php
Thanks for the tip, that was a good page. I don't recognize the URL, it is not linked to in the GUI is it?
And I think I finally found the problem - my bad - I have a complex setup of mail servers internally that routes mail back and forth and I have 3 non-standard ports exported for some of those SMTP purposes. I think I may have fooled myself into enabling logging on the wrong rule, I was looking at 25 but the internal target for that NAT was another port..
Thanks,