EFW Support

Wow, this is very exciting, i want to set up EFW asap and i want to understand it.

I have FIREWALL -> SYSTEM ACCESS -> log packets ticked.
*outgoing traffic, inter-zone, vpn and port forwarding logs are DISABLED
*I actually dont have rules except for the default EFW firewall rules (ssh, 80, 53....)

If i go an chech firewall logs, and i can only see traffic from my RED zone to the UFW or WAN ip addresses.

I dont understand that? i thought only WAN ip would get logged...


If i set up a rule in SYSTEM ACCESS, now its when i can see them being logged...


i cant get it to work properly... help?




Also a question, when i open the 22 port in SYSTEM ACCESS, then i go to port forwarding, there, there are 3 labels,

port forwarding / nat
source nat
incoming routed traffic


i only use the port forwarding / nat one... what are the others for??

SYSTEM ACCESS part of the firewall controls who can access the firewall box itself (regardless of which zone the source is from)
From what you say it sounds like it IS working properly

port forwarding or DNAT allows for example incoming mail from RED (tcp port 25) to be redirected directly to your internal mail server

Source NAT or SNAT translates Internet requests from your GREEN (private ip range) zone to your Internet IP to go out on the RED zone.

Not sure about the third one at the moment :)

On my way to correct it.

Just a question, should i add a REJECT ALL policy after the DENY policies to close not desired traffic?