Posted: Thu Jun 03, 2021 14:56 Post subject: Security Log Management: Nothing Being logged
I wanted to see the detail and information with incoming and outgoing records but am seeing nothing. Am I missing a basic setup/function.
Security/Firewall/Log Management
Log: Enabled
Log Level: Low
Options:
Dropped, Accepted, Rejected: All Enabled
I am stuck on the current code level due to the reported and known problems with Apple Devices and the GUI being unresponsive. _________________ Linksys WRT3200ACM
VersionDD-WRT v3.0-r50500 std (10/13/22)
Kernel VersionLinux 4.9.330 #3466 SMP Thu Oct 13 02:01:23 +07 2022 armv7l
Linksys RE9000 Extender (WiFi attached)
OpenVPN with PBR: ExpressVPN
Devices: Sonos, Apple, QNAP, Laserjet other
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Fri Jun 04, 2021 0:52 Post subject:
I believe you have to enable kernel logging as well (GUI>Services>Services? I'm away and can't check) to get that firewall logging to work.
I suggest disabling the logging of accepted packets, as they'll generally be so numerous as to overwhelm the log. Consider tcpdump to watch accepted packets. Easy to google. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
I believe you have to enable kernel logging as well (GUI>Services>Services? I'm away and can't check) to get that firewall logging to work.
I suggest disabling the logging of accepted packets, as they'll generally be so numerous as to overwhelm the log. Consider tcpdump to watch accepted packets. Easy to google.
Thanks! Syslogd and Klogd are both enabled is there something else I’m missing? _________________ Linksys WRT3200ACM
VersionDD-WRT v3.0-r50500 std (10/13/22)
Kernel VersionLinux 4.9.330 #3466 SMP Thu Oct 13 02:01:23 +07 2022 armv7l
Linksys RE9000 Extender (WiFi attached)
OpenVPN with PBR: ExpressVPN
Devices: Sonos, Apple, QNAP, Laserjet other
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Fri Jun 04, 2021 4:08 Post subject:
FlaParrotHead wrote:
SurprisedItWorks wrote:
I believe you have to enable kernel logging as well (GUI>Services>Services? I'm away and can't check) to get that firewall logging to work.
I suggest disabling the logging of accepted packets, as they'll generally be so numerous as to overwhelm the log. Consider tcpdump to watch accepted packets. Easy to google.
Thanks! Syslogd and Klogd are both enabled is there something else I’m missing?
No idea, as it's been a couple years and many builds since I tried it.
Anyone? _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Fri Jun 04, 2021 16:18 Post subject:
Log Level: Low
try medium or high
do in mind high is sometimes too much...but it wont hurt to try... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Sadly, I am stuck on 44048 until the issue with the GUI and current level Apple iOS systems is looked at. When Apple moved to iOS 14.5 and MacOS 13.1 the GUI became almost non responsive. _________________ Linksys WRT3200ACM
VersionDD-WRT v3.0-r50500 std (10/13/22)
Kernel VersionLinux 4.9.330 #3466 SMP Thu Oct 13 02:01:23 +07 2022 armv7l
Linksys RE9000 Extender (WiFi attached)
OpenVPN with PBR: ExpressVPN
Devices: Sonos, Apple, QNAP, Laserjet other