Hello,
I have enabled the firewall at the DC, Host and VM level. Then, I've set the default policy on the VM to Drop, both in and outgoing traffic. With loglevel set to debug and no rules, nothing goes through and the traffic is logged.
Now, from the datacenter level, I created some security groups that I'm planning to use here. So here comes the question: what loglevel should I set at the security group level, on a per rule basis, to make it log?
The problem I have: right now, I have an IP set formed by all the private IPs, because I want to drop all traffic to private IPs and only allow this machine to reach the internet. The drop rules are set to debug. VM Firewall loglevel is set to debug. From my point of view, this should log at least something, but nothing shows up in the logs. So, how do the VM Firewall Loglevel and Security Groups Rules loglevel play together?
P.S. the rules work as designed, the only thing not working is the logging.
Thank you!