Default Drop Rule v18

Question

Is there a way to log the default drop rule traffic or supersede it with a rule to log it?

LuCar Toni · Answer

Basically XGv18 implemented a default drop rule on GUI, which was always there. It did not add features as such, instead it shows the admin, there is a inevitable drop rule. To add the logging feature to this is a logging enhancement, down the road including other features as well.

BeEf · Answer

Hello John, I already asked this a couple of months ago. See the discussion here: https://community.sophos.com/xg-firewall/f/discussions/123399/new-drop-all-rule-in-v-18 In short: - Activating logging on the default drop rule is not possible. - You can put a explicit deny rule before the default drop rule with logging. This was the method you needed to use in V 17.5 to see the dropped traffic.

Default Drop Rule v18

Top Replies