I have a forwarding rule and I'd like to log when it is being used. In my zone file I have port forwarding set up using a rich rule:
<forward-port …/>
firewall-config shows this rich rule, and it displays all of its particulars. But if I try to edit it in firewall-config the "Log" checkbox is disabled.
Is this a firewall-config 2.0.2 limitation, or a backend limitation? I am using FirewallBackend=nftables
On 13.12.2023 16:32, Sam Varshavchik wrote:
I have a forwarding rule and I'd like to log when it is being used. In my zone file I have port forwarding set up using a rich rule:
<forward-port …/>
firewall-config shows this rich rule, and it displays all of its particulars. But if I try to edit it in firewall-config the "Log" checkbox is disabled.
Is this a firewall-config 2.0.2 limitation, or a backend limitation? I am using FirewallBackend=nftables
Briefly checking source - firewall-config disables log field for forward-port rules.
On Wed, Dec 13, 2023 at 08:32:20PM +0300, Andrei Borzenkov wrote:
On 13.12.2023 16:32, Sam Varshavchik wrote:
I have a forwarding rule and I'd like to log when it is being used. In my zone file I have port forwarding set up using a rich rule:
<forward-port …/>
firewall-config shows this rich rule, and it displays all of its particulars. But if I try to edit it in firewall-config the "Log" checkbox is disabled.
Is this a firewall-config 2.0.2 limitation, or a backend limitation? I am using FirewallBackend=nftables
Briefly checking source - firewall-config disables log field for forward-port rules.
Indeed. It doesn't look possible from the CLI either. AFAIK, it should be possible. Please file a feature request on github.
firewalld-users@lists.fedorahosted.org