Log action for security group

fitful

Hello :)

Is there any way to note in the pve-firewall logs what action (DROP/REJECT/ACCEPT) was taken when it happens on "security groups"?

For example:
GROUP-default_rules-OUT 04/Apr/2022:10:33:53 +0200 IN=fwbr100i0 OUT=fwbr100i0 PHYSIN=tap100i0 PHYSOUT=fwln100i0 MAC=d4:76:a0:00:6a:4d:3a:68:38:b7:5e:ef:08:00 SRC=192.168.234.5 DST=192.168.1.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=37482 DF PROTO=TCP

Unfortunately, there is no information about what action was taken for a given connection. There is only the information about which "security group" it came from (default_rules).

How do you do this, to know that a particular connection was blocked or accepted?

Making separate entries in groups for blocked connections seems suboptimal.
 