Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 754 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Does Astaro Log Everything (Packet Filter)?

chugger93
This may be a stupid question, I'm not sure.  If I check out my live packet filter, I see alot of traffic.  Some probably my own rules that I setup specifying to log the traffic.

My question is, will I see other traffic I didn't specify to log or have a rule for?  For example if there was a portscan or attack or just any ole incoming traffic hitting my box, would I see it in the live packet filter log?  Just curious.


This thread was automatically locked due to age.
  • 0
    I think you see all packets dropped by default rules and all packets that are selected by packet filter rules with logging checked.  Portscans - good question.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Portscans are logged in the IPS log.

    If you want to log ALL traffic, you'd need to check the 'LOG' option on each PF rule, but the logs may get FAR too big to be manageable.

    Barry
  • 0
    If you want to temporarily look at all traffic, tcpdump and ngrep are available on the console.

    Barry
Cookie Information Banner