linux:network_firewalld
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
linux:network_firewalld [2021/01/01 21:25] 127.0.0.1 external edit |
linux:network_firewalld [2023/10/18 15:19] (current) manu [Logging all inbound and outbound traffic with firewalld direct rules] |
||
|---|---|---|---|
| Line 72: | Line 72: | ||
| The log is automatically created in **/var/log/firewalld** | The log is automatically created in **/var/log/firewalld** | ||
| + | |||
| + | ===== Logging all inbound and outbound traffic with firewalld direct rules ===== | ||
| + | |||
| + | Rule to log all incoming traffic setting log level to 4: | ||
| + | <cli prompt='#'> | ||
| + | # firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -s 0.0.0.0/0 -j LOG --log-prefix "INPUT " --log-level 4 | ||
| + | </cli> | ||
| + | |||
| + | Rule to log all outgoing traffic setting log level to 4: | ||
| + | <cli prompt='#'> | ||
| + | # firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p all -s 192.168.1.10 -j LOG --log-prefix "OUTPUT " --log-level 4 | ||
| + | </cli> | ||
| + | With nftables as backend, direct rules are given a higher precedence than all other firewalld rules. | ||
| + | |||
| + | To check if the rules are applied: | ||
| + | <cli prompt='#'> | ||
| + | # firewall-cmd --direct --get-all-rules | ||
| + | </cli> | ||
| + | |||
| + | To make the rules permanent: | ||
| + | <cli prompt='#'> | ||
| + | # firewall-cmd --runtime-to-permanent | ||
| + | </cli> | ||
| + | |||
| + | To list all direct permanent rules: | ||
| + | <cli prompt='#'> | ||
| + | # firewall-cmd --direct --get-all-rules --permanent | ||
| + | </cli> | ||
| + | Traffic logs are written in /var/log/firewall | ||
| + | |||
linux/network_firewalld.1609532708.txt.gz · Last modified: 2021/01/01 21:25 by 127.0.0.1
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
