I have FIREWALL -> SYSTEM ACCESS -> log packets ticked.
*outgoing traffic, inter-zone, VPN and port forwarding logs are DISABLED
*I actually don't have rules except for the default EFW firewall rules (ssh, 80, 53....)
If I go and check the firewall logs, I can only see traffic from my RED zone to the UFW or WAN IP addresses.
I don't understand that. I thought only the WAN IP would get logged...
If I set up a rule in SYSTEM ACCESS, that is when I can see them being logged...
I can't get it to work properly... help?
The SYSTEM ACCESS part of the firewall controls who can access the firewall box itself (regardless of which zone the source is from).
From what you say, it sounds like it IS working properly.
Also a question: when I open port 22 in SYSTEM ACCESS and then go to port forwarding, there are 3 labels:
port forwarding / nat
source nat
incoming routed traffic
I only use the port forwarding / nat one... what are the others for?
Port forwarding, or DNAT, allows, for example, incoming mail from RED (TCP port 25) to be redirected directly to your internal mail server.
Source NAT, or SNAT, translates Internet requests from your GREEN (private IP range) zone to your Internet IP to go out on the RED zone.
Not sure about the third one at the moment.