Hello ,
This is strange or i am doing some thing horribly wrong !
if you look at appliaction control live log (image facebook)
and if you look at view (which is store log )they are differant (image view)
please correct me if i am wrong and hope this is not reported eariler
in live log it show application name and in view/store log it give all information about (like a firewall and application )
live log
18:24:19 Application control rule #5 Facebook
192.168.7.125 :47875 → 173.252.100.27 :443 [ACK FIN] len=52 ttl=63 tos=0x00 srcmac=0:c:29:7b:b4:8f
view log
"2013:03:20-05:42:27 acenn ulogd[27973]: id="2019" severity="info" sys="SecureNet" sub="packetfilter" name="AFC Block" action="drop" fwrule="5" outitf="eth1.50" mark="0x3093" app="147" srcmac="0:c:29:7b:b4:8f" srcip="192.168.7.125" dstip="23.67.162.110" proto="6" length="388" tos="0x00" prec="0x00" ttl="63" srcport="49983" dstport="443" tcpflags="ACK PSH" "
reported eariler ulogd not running ,application ctrl and firewall log using ulogd .
https://community.sophos.com/products/unified-threat-management/astaroorg/f/80/t/65016
edit:firewall log has application control entry pls check attechment firewall
[:S][:S]
thanks
Guest User!
You are not Sophos Staff.
