DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

How to log blocked incoming traffic with syslog

More
13 Apr 2011 18:28 #67270 by jm82
Hello,

I'm trying to enable passive FTP access to a server on my LAN from the internet. I have forwarded the passive port range on to the device, and can confirm success using an on-line port scanner and entries in the syslog that everything is as expected:

Code:
13-04-2011 17:55:46: DrayTek: Open port: 208.64.252.230:55685 -> XXX.XXX.XXX.XXX:55536 (TCP) 13-04-2011 17:55:46: DrayTek: [FILTER][Pass][wan->lan, 390:10:43.070][@S:R=13:1, 208.64.252.230:55685->XXX.XXX.XXX.XXX:55536][TCP][HLen=20, TLen=60, Flag=S, Seq=2467707053, Ack=0, Win=5840]


However, I am having trouble when connecting from an FTP client. Filezilla logs shows:

Code:
... Command: PASV Response: 227 Entering Passive Mode (XXX,XXX,XXX,XXX,229,121). Command: LIST Error: Connection timed out Error: Failed to retrieve directory listing


I would like to see in the syslog evidence of something trying to connect to the router, but the syslog only appears to log accepted packets and blocked DOS attempts. Using the online port scanner to connect to a port not open/explicitely filtered does not show in the logs.

Can someone tell me if/how this is possible please?

Thanks in advance.

Please Log in or Create an account to join the conversation.

Moderators: Sami