Summary: | forcing DNS traffic to use the local resolver - logging issue | ||
---|---|---|---|
Product: | IPFire | Reporter: | Jon <jon.murphy> |
Component: | --- | Assignee: | Stefan Schantl <stefan.schantl> |
Status: | CLOSED WORKSFORME | QA Contact: | |
Severity: | - Unknown - | ||
Priority: | - Unknown - | CC: | michael.tremer |
Version: | 2 | ||
Hardware: | unspecified | ||
OS: | Unspecified | ||
See Also: | https://bugzilla.ipfire.org/show_bug.cgi?id=12653, https://bugzilla.ipfire.org/show_bug.cgi?id=11168, https://bugzilla.ipfire.org/show_bug.cgi?id=12278 | ||
Bug Depends on: | |||
Bug Blocks: | 12278 | ||
Attachments: | iptables sample compare; firewall log; iptables -L -nv and iptables -t nat -L -nv | ||
Description
Jon
2021-07-05 19:43:47 UTC
When the DNS redirect firewall rule is enabled AND the logging is enabled OR DISABLED then there are LOTS of log entries. Not sure how to disable logging.

The generated rules look okay to me. What does the log say? Maybe another rule is causing the entries...

Created attachment 922
firewall log
This is the only rule (and nothing in firewall.local).
Here is the firewall log (see image)
This issue is present in CU160 (stable)

(In reply to Jon from comment #3)
> Created attachment 922
> firewall log
>
> This is the only rule (and nothing in firewall.local).
>
> Here is the firewall log (see image)

This is the expected log output. What did you expect?

Just nothing because this should be expected?

Could you send the output of "iptables -L -nv" and "iptables -t nat -L -nv"?

Created attachment 946
iptables -L -nv and iptables -t nat -L -nv
requested output
Yes. If logging is unchecked then I expect the entries in the log to stop. (I think this is reasonable unless I am missing something)

This time when I tried enabling the Log and then disabling the Log all worked. All of the INPUTFWs and DNATs disappeared when the log was off AND everything worked as expected. Ugh! So, never mind... OK to close...