Firewall Log only showing blocked traffic
Hey everyone, quick question…
Under Status -> System Logs -> Firewall, it's only ever showing me things that are blocked.. never anything that is passed.
For example, I wanted to allow ICMP on my WAN interface, so I pinged my firewall from outside my network and checked the firewall log.
I saw the blocked ICMP attempts from the IP I was using and created a pass rule to allow those pings to come through.
Then I pinged again from the same outside IP address and it worked, I was able to ping, but when I checked the firewall log again there was nothing in there saying those pings were allowed to pass (it also didn't show any new ICMP blocks either). Why is this?
In fact, when I access a web server that lives inside my LAN from work (for example), it works fine, but the firewall log doesn't show any rules that allowed that traffic to pass through to my internal web server.
… so I've answered my own question.
Under each firewall rule I didn't know you had to explicitly state to log packets that are handled by that rule.
I turned that on and voila.