Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 18124 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How To Show All Connection in Firewall Live Logs

xianx
Hi,

Is there a way to show all connection in the firewall live logs, i know i can see connections that are blocked in the live logs

I like to see somthing like this:

192.168.0.5 to a isp ip {port} which protocoll tcp/udp port connected

somthing like that.

Hope someone have a idea

gr.


This thread was automatically locked due to age.
Parents
  • 0
    The Live Logs are limited in scope and you can't modify how they display information, but there are some things you can check in WebAdmin for further information:

    -Check the full log at Logging & Reporting > View Log Files > Today's Log Files
    -Edit your Firewall Rules, expand Advanced, and tick the box for Log Traffic.  Be aware that this can get very resource intensive.  Only recommended for troubleshooting purposes for frequently hit rules.
    -There are other logging options at Network Protection > Firewall > Advanced.  Again, should only be used for troubleshooting.
    -Flow Monitor.  In the upper right portion of the Dashboard, there is a table of your interfaces.  Click on any of the boxes under In/Out and you will get a popup that will show current traffic through the interface.

    If you really want to see everything, from the shell, you can use TCPDump.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Reply
  • 0
    The Live Logs are limited in scope and you can't modify how they display information, but there are some things you can check in WebAdmin for further information:

    -Check the full log at Logging & Reporting > View Log Files > Today's Log Files
    -Edit your Firewall Rules, expand Advanced, and tick the box for Log Traffic.  Be aware that this can get very resource intensive.  Only recommended for troubleshooting purposes for frequently hit rules.
    -There are other logging options at Network Protection > Firewall > Advanced.  Again, should only be used for troubleshooting.
    -Flow Monitor.  In the upper right portion of the Dashboard, there is a table of your interfaces.  Click on any of the boxes under In/Out and you will get a popup that will show current traffic through the interface.

    If you really want to see everything, from the shell, you can use TCPDump.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?