Hi,
Whilst setting up some firewall rules to content filter traffic for my kids laptops, I noticed that I could not get syslog to log the block events, the ruleset seems to work, blocking access to nefarious sites

I have set up a new rule (ruleset 3) which contains one rule, this rule is as below...
Direction LAN ->WAN
Source IP - IP of Kids Computers
Destination - Any
Service Type - Any
Fragments - Dont Care

Filter Pass if no further match Syslog checkbox not checked

Branch to other filter set - None
IM/P2P filter - defined ruleset selected and syslog box checked
URL Content - defined ruleset selected and syslog box checked
Web Content Filter - defined ruleset selected and syslog box checked

The only way that I can get any entries in the syslog is to check the first checkbox (next to Filter Pass if no further match) but this logs all passed traffic and not the blocked traffic.

Any help would be gratefully recieved.

Thanks
Tom

Hmm, interesting, it seems that if I log to USB disk and then open the file with the log viewer in Syslog 4.2.1 then I can see the block messages in the firewall tab, however if i direct the router syslog output directly to the syslog 4.2.1 application the block messages dont appear, but WAN log/VPN call log etc do appear.

Just a little bit buggy.

Tom