Firewall logs showing incorrect Interface

  • Hi Ya,
    I am running "2.5.0-DEVELOPMENT (amd64)
    built on Mon Jun 03 18:12:16 EDT"

    alt text

    I noticed my firewall Logs for some reason are showing the incorrect information.

    alt text

    The NordVPN gateway IP is but for some reason the interface is shown as "lo0"

    I have all my DNS traffic routed through my VPN cilent (NordVPN) using DNS over TLS and it has been working fine, Blocking all traffic from my WAN connections and routing secure DNS queries through the VPN.

    alt text

    but as you can see, I have selected to log packets for these firewall rules, and they used to log all the DNS queries, but for some reason there are no State showing for these rules anymore.

    and when looking at the full log for the firewall for port 853, All the traffic is coming from "lo0" and that is incorrect.

    alt text

    When doing a packet capture on the NordVPN interface I can see that the secure DNS traffic is being passed correctly and isn't being leaked, but the firewall logs are not showing this information correctly.

    The setup was working perfectly before 16th of May snapshot, but since I have updated this bug has appeared.
    I have tried a fresh install and loading my backup config (I have a very complicated setup to do from scratch), also cleared/reset the logs but the issues still persists with my configuration.

    If anymore information is needed please let me know!

Log in to reply