Disable logging in traffic still logs traffic

rv@kaufmann.dkrv@kaufmann.dk
in Firebox - Dimension, Logging and Reporting

Hi,

T15 12.5U1

If you create a policy denying traffic to the firefox internal interface on a given port (or just firefox as destination), disable logging, you will still get logs in FSM.
For exampel deny udp 4886 to the internet interface.

Robert

Comments

  • Bruce_BriggsBruce_Briggs
    edited August 2019

    Please post an example for our amusement
    Is the destination really that interface IP Addr?

  • rv@kaufmann.dkrv@kaufmann.dk

    2019-08-31 22:04:53 Deny 192.168.9.22 192.168.9.1 4886/udp 60346 4886 103-Home network Firebox Denied 28 1 (Firefox Wifi Tickling to Firebox-00) proc_id="firewall" rc="101" msg_id="3000-0148" Traffic

  • Bruce_BriggsBruce_Briggs

    Sure seems like a bug to me.
    Supposedly these are 0 length UDP payload packets. Possible issue here with logging?
    https://bugzilla.mozilla.org/show_bug.cgi?id=888268

    And, interestingly, there is no option for "Send log message for report" for a policy set to Denied like there is for a policy set to Allowed. Seem like there should be this option.

  • rv@kaufmann.dkrv@kaufmann.dk

    exactly

Sign In to comment.