hey, on 1.920 i cannot get the livelog to display rule violations. for example, i try to telnet to the firewall (a violation) and then watch the livelog to see the dropped packets...and i get nothing in the log. is there something special i have to do to get dropped packets logged in the livelog. this is also useful to determine if rules are dropping packets and troubleshooting connection problems. any ideas? thanks, bob.
hello, we try to evaluate asl 1.920 at the moment and i saw also some suspect behavior in the livelog. I tried to get rid of the Netware SAP packets (Port 520) and all these netbios packes from the NT boxes. The destination is 255.255.255.255 for netware and 192.168.x.255 for NT packets. First i tried to drop the messages with
From NWSERVER Service PORT520 To ANY DROP
but nothing happend. The packets were still logged in the livelog. Next i tried
From NWSERVER Service PORT520 To BC-255-255-255-255 DROP
and it worked. I deactivated the rule to doublecheck the function and got no further messages in the livelog. Livelog was dead. No start/stop livelog, no restart of the browser got livelog back to live. All packets were still droped AND the drop was logged on the asl-box console. After shutdown everything worked fine, but during the shutdown, i saw an error message from K51iptable.
