Odd FW logging inconsistency



  • Hi,

    I have a large number or port forwards in a 1.2.2 install and everything works perfectly.

    I was doing some basic checking back and forth and switched on logging on 4 rules in WAN section (created by NAT and working). All are identical apart from internal target IP and all shows up with a nice blue mark in the GUI.

    Oddly enough only 3 of those FW rules are logging and showing up in system logs | firewall.

    I have double checked all settings, all is working, I can test grc.com or log on to my shell and test manuelly - nothing - one of the rules (SMTP port 25) is simply not logging.

    I do a finger - logged
    I do a smtp connect - nothing
    I do a finger - logged again…

    I can be sitting logged in using the shell, typing commands, re-connecting, nothing still ends up in system log for the firewall on that particular port when refreshing log viewer.

    Can anyone help me get a clue on this one?

    TIA



  • you could try
    @http://forum.pfsense.org/index.php/topic:

    What a tcpdump on my Lan nic shows when i try from a outside connection

    tcpdump -t -i vr0 port 3333

    and maybe search in http://192.168.1.1/status.php



  • @Perry:

    you could try
    @http://forum.pfsense.org/index.php/topic:

    What a tcpdump on my Lan nic shows when i try from a outside connection

    tcpdump -t -i vr0 port 3333

    and maybe search in http://192.168.1.1/status.php

    Thanks for the tip, that was a good page. I don't recognize the URL, it is not linked to in the GUI is it?

    And I think I finally found the problem - my bad - I have a complex setup of mail servers internally that routes mail back and forth and I have 3 non-standard ports exported for some of those SMTP purposes. I think I may have fooled myself into enabling logging on the wrong rule, I was looking at 25 but the internal target for that NAT was another port..

    Thanks,


Locked