Hi all,
I did some port forwards (turris omnia)and it does not seem forwarded from WAN port.
Is there any possibility to see firewall logs like in Fortigate where I can search and filter traffic and see what was passed through via which rule or dropped, etc.?
I did some search and this Iptables log disappeared? seems like there is not even possibility to see for us/users such info about what was forwarded or not.
That sentinel is only to build dynamic firewall and sends data to another parties to analyze.
I think from cmd line you can add rules like below to the predefined chains, which will log all and can be useful for debugging, then you can remove(this is not persistent, will not survive firewall restart or reboot):
In similar way you can add for other zones as well such as for “input_wan_rule” etc
And if you want it to be persistent add it at Luci - Firewall - Custom Rules tab.
Additionally Luci can add rules for logging rejected. So when you enable logging in Luci Firewall from certain zone(edit) it should log rejected packets for that zone. And general settings(at top) should have default policy “reject” for Input Output Forward.
Logging dropped is complicated, since Luci doesn’t do it automatically like above, you need to create new chains add logging rule, jump there from where needed. Actually default firewall drops only invalid and syn-flood(if detected), most is reject. So I don’t think you will need to log the dropped.