DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Syslog not logging firewall events ( 3.3.3_232201 firmware)

  • frogfootuk
  • Topic Author
  • Offline
  • New Member
  • New Member
More
08 Dec 2009 16:30 #59266 by frogfootuk
Hi,
Whilst setting up some firewall rules to content filter traffic for my kids laptops, I noticed that I could not get syslog to log the block events, the ruleset seems to work, blocking access to nefarious sites

I have set up a new rule (ruleset 3) which contains one rule, this rule is as below...
Direction LAN ->WAN
Source IP - IP of Kids Computers
Destination - Any
Service Type - Any
Fragments - Dont Care

Filter Pass if no further match Syslog checkbox not checked

Branch to other filter set - None
IM/P2P filter - defined ruleset selected and syslog box checked
URL Content - defined ruleset selected and syslog box checked
Web Content Filter - defined ruleset selected and syslog box checked

The only way that I can get any entries in the syslog is to check the first checkbox (next to Filter Pass if no further match) but this logs all passed traffic and not the blocked traffic.

Any help would be gratefully recieved.

Thanks
Tom

Please Log in or Create an account to join the conversation.

  • frogfootuk
  • Topic Author
  • Offline
  • New Member
  • New Member
More
08 Dec 2009 19:00 #59273 by frogfootuk
Hmm, interesting, it seems that if I log to USB disk and then open the file with the log viewer in Syslog 4.2.1 then I can see the block messages in the firewall tab, however if i direct the router syslog output directly to the syslog 4.2.1 application the block messages dont appear, but WAN log/VPN call log etc do appear.

Just a little bit buggy.

Tom

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami