Offline
ClearOS Feature Request
Firewall Report Log Request
I would really like a firewall log, that is easily accessible from the web client. Need to easily see if a packet has been dropped or not. I know there are ways to log it in ClearOS but I haven't got them to work so a real good how to would at least help.
Share this post:
Accepted Answer
Brian.
Are you wanting a diagnostic tool in Webconfig, and/or perhaps temporarily a how-to for doing this at command line? Are you looking for something that doesn't necessarily log, but just dumps in real-time stats on if packets are being dropped on an interface?
You may run: "iptables -L -v -n"
This would cause a lot less load constraint then say running a real-time logging tool. Logging can quickly slow the entire system and crash a server by making a write to the disk for every packet; and filling up the logs with an entry after entry until it is disabled.
Logging can be done currently using the custom firewall rules module. Going any further with that type or reporting and function can quickly become an overwhelming task however. For this we'd certainly want to see the communities response (i.e. create a new feature request specific to it, or define your wish more here and let's get voting).
For real-time logging that doesn't kill your system, you can use "iptraf". This will tell you if packets are being dropped, but not which rule is causing it.
Hope that helps!
Are you wanting a diagnostic tool in Webconfig, and/or perhaps temporarily a how-to for doing this at command line? Are you looking for something that doesn't necessarily log, but just dumps in real-time stats on if packets are being dropped on an interface?
You may run: "iptables -L -v -n"
This would cause a lot less load constraint then say running a real-time logging tool. Logging can quickly slow the entire system and crash a server by making a write to the disk for every packet; and filling up the logs with an entry after entry until it is disabled.
Logging can be done currently using the custom firewall rules module. Going any further with that type or reporting and function can quickly become an overwhelming task however. For this we'd certainly want to see the communities response (i.e. create a new feature request specific to it, or define your wish more here and let's get voting).
For real-time logging that doesn't kill your system, you can use "iptraf". This will tell you if packets are being dropped, but not which rule is causing it.
Hope that helps!
Responses (2)
-
Accepted Answer
I think that firewall logging is one of major lacks of ClearOS.
Instead to write that firewall logging can result in disk full or crash system, someone at ClearOs should see what PfSense or about all competitors offers about firewall logging.
Firewall logging is mandatory if out filtering is required in order to see what services inside the lan are dropped/rejected from outgoing filter rules.
The reason why I've tested ClearOs many times and I've never used in my environment is the lack of reporting/logging in many areas.
A simple and "clear" log viewing is the basis in order to understand if the system is working well or not.
My two cents .. -
Accepted Answer
I would like some way to find dropped packets on ClearOS as well. For me it would be nice to be able to have about 10 to 15 minutes of past data of drop packets and the ability to filter it out by source, destination and port. It would be best if it was in the web interface but if there was a tool to do this in the CLI it would work as well.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »