This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN Reporting - Packet Filter / IDP

Hi All
i just dont trust the internet. Help me on my way.

All i see on the packet filter are packets from LAN to WAN.
Sometimes i see some ICMP drops from an external IP.
But thats all actually. I cannot believe that there is no more traffic on the WAN interface. IDP Log shows also no or very few external ips. mostly port scan related.

What gets blocked by default? I this somehow on a log?
I used an any 2 any cleanup rule on the packet filter.
So i can see a few things. Mostly internal to external.

is NAT somewhere logged? Would be interesting to see Bittorrent DNAT connections.

thanks!

This thread was automatically locked due to age.

0 BarryG over 14 years ago

Hi, everything is dropped (with logs) by default.

I'm not sure what you mean by "I used an any 2 any cleanup rule on the packet filter."

NATs are not logged, but you can enable the LOG traffic checkbox on your ALLOW PacketFilter rules.
Note the logs will get VERY BIG VERY FAST, so do not leave that on.

TCPDump and IFTOP are available on the console if you want to look at more traffic details.

Barry
Cancel
Vote Up 0 Vote Down

Cancel