Created attachment 920
iptables sample compare

Issue happened during test of "testing forcing DNS traffic to use the local resolver":
https://lists.ipfire.org/pipermail/development/2021-June/010692.html
https://patchwork.ipfire.org/project/ipfire/patch/20210630184031.7726-1-stefan.schantl@ipfire.org/

---

Disable logging (and click apply changes) the logging does not stop. I
When the DNS redirect firewall rule is enabled AND the logging is enabled OR DISABLED then there are LOTS of log entries. Not sure how to disable logging.
The generated rules look okay to me. What does the log say? Maybe another rule is causing the entries...
Created attachment 922
firewall log

This is the only rule (and nothing in firewall.local).

Here is the firewall log (see image)
This issue is present in CU160 (stable)
(In reply to Jon from comment #3)
> Created attachment 922
> firewall log
>
> This is the only rule (and nothing in firewall.local).
>
> Here is the firewall log (see image)

This is the expected log output. What did you expect? Just nothing because this should be expected?

Could you send the output of "iptables -L -nv" and "iptables -t nat -L -nv"?
Created attachment 946
iptables -L -nv and iptables -t nat -L -nv

requested output
Yes. If logging is unchecked then I expect the entries in the log to stop. (I think this is reasonable unless I am missing something)
This time when I tried enabling the Log and then disabling the Log all worked. All of the INPUTFWs and DNATs disappeared when the log was off AND everything worked as expected. Ugh! So, never mind...
OK to close...