linux:network_firewalld

Differences

This shows you the differences between two versions of the page.

linux:network_firewalld [2021/01/01 21:25]
127.0.0.1 external edit
linux:network_firewalld [2023/10/18 15:19] (current)
manu [Logging all inbound and outbound traffic with firewalld direct rules]
Line 72: Line 72:
  
 The log is automatically created in **/​var/​log/​firewalld** The log is automatically created in **/​var/​log/​firewalld**
 +
 +===== Logging all inbound and outbound traffic with firewalld direct rules =====
 +
 +Rule to log all incoming traffic setting log level to 4:
 +<cli prompt='#'>​
 +# firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -s 0.0.0.0/0 -j LOG --log-prefix "INPUT " --log-level 4
 +</​cli>​
 +
 +Rule to log all outgoing traffic setting log level to 4:
 +<cli prompt='#'>​
 +# firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p all -s 192.168.1.10 -j LOG --log-prefix "​OUTPUT " --log-level 4
 +</​cli>​
 +With nftables as backend, direct rules are given a higher precedence than all other firewalld rules.
 +
 +To check if the rules are applied:
 +<cli prompt='#'>​
 +# firewall-cmd --direct --get-all-rules
 +</​cli>​
 +
 +To make the rules permanent:
 +<cli prompt='#'>​
 +# firewall-cmd --runtime-to-permanent
 +</​cli>​
 +
 +To list all direct permanent rules:
 +<cli prompt='#'>​
 +# firewall-cmd --direct --get-all-rules --permanent
 +</​cli>​
 +Traffic logs are written in /​var/​log/​firewall
 + 
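Review bot: The OUTPUT rule in this hunk does not do what its lead-in says. "Rule to log all outgoing traffic" is followed by a rule restricted with `-s 192.168.1.10`, so only packets sourced from that one address are logged; either drop the `-s` match (as the INPUT rule effectively does with `-s 0.0.0.0/0`) or state that 192.168.1.10 is meant to be the host's own address and should be substituted. The two statements about where the logs land also disagree: the context line above the hunk says `/var/log/firewalld`, while the last added line says `/var/log/firewall`; pick one and, since the LOG target emits through the kernel log, it would help to mention that the messages are visible with `journalctl -k` or `dmesg` unless syslog is configured to route them to that file. Finally, because the text notes that direct rules take precedence over everything else under the nftables backend, a `-p all` LOG rule at priority 0 on both chains logs every packet; suggest adding a rate limit such as `-m limit --limit 10/s` to the two rules, or at least a sentence warning that unrestricted logging can fill the disk and drown out other log entries on a busy host.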
linux/network_firewalld.1609532708.txt.gz · Last modified: 2021/01/01 21:25 by 127.0.0.1