firewalld logging NAT rules

Support for security such as Firewalls and securing linux
alffonsse
Posts: 1
Joined: 2015/12/15 10:56:17

firewalld logging NAT rules

Post by alffonsse » 2015/12/15 11:06:52

Hi,

I have been fighting with firewalld for a few hours now.
I'm trying to have firewalld log the access on my NAT rules, but when I check /var/log/messages nothing appears.
Here is my NAT rule:

Code:

rule family="ipv4" source address="XX.XX.XXX.XXX" forward-port port="80" protocol="tcp" to-port="80" to-addr="192.168.250.2" log prefix="IIS_ACCEPT" level="info"

And here is the rule to open the SSH port, which is logging correctly:

Code:

rule family="ipv4" source address="XX.XX.XXX.XXX" port port="22" protocol="tcp" log prefix="SSH_ACCEPT " level="info" accept

What did I do wrong? Is there a special way to log the NAT rules?

Thanks in advance for your help,
Alffonsse

aks
Posts: 2829
Joined: 2014/09/20 11:22:14

Re: firewalld logging NAT rules

Post by aks » 2015/12/15 17:13:09

Doesn't firewalld log to /var/log/firewalld by default?
AFAIK, the only thing that can be logged at the moment is on the INPUT chain.
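
A way to check which of the two log prefixes actually shows up in a syslog file such as /var/log/messages, as an added example that is not part of the thread. The log lines are constructed samples in the kernel's netfilter LOG format, and `sample_log` and `hits` are names made up here. A prefix written without a trailing space, like "IIS_ACCEPT" above, is fused to the `IN=` field, so the match allows for both forms.

```shell
#!/bin/sh
# Constructed sample of syslog content (documentation-range addresses).
sample_log() {
cat <<'EOF'
Dec 15 11:01:02 gw kernel: SSH_ACCEPT IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=22 SYN
Dec 15 11:01:09 gw kernel: IIS_ACCEPTIN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40120 DPT=80 SYN
Dec 15 11:02:30 gw kernel: SSH_ACCEPT IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40377 DPT=22 SYN
Dec 15 11:03:00 gw sshd[912]: Accepted publickey for admin from 203.0.113.7 port 40377 ssh2
EOF
}

# hits PREFIX: read syslog lines on stdin and print "src dport count"
# for kernel LOG lines whose message starts with exactly PREFIX.
hits() {
    awk -v p="$1" '
        {
            i = index($0, "kernel: ")          # only kernel messages
            if (i == 0) next
            msg = substr($0, i + 8)
            if (substr(msg, 1, length(p)) != p) next   # literal prefix match
            rest = substr(msg, length(p) + 1)
            sub(/^ +/, "", rest)               # prefix may or may not end in a space
            if (rest !~ /^IN=/) next           # rejects partial prefixes such as "SSH"
            src = "-"; dpt = "-"
            n = split(rest, f, " ")
            for (k = 1; k <= n; k++) {
                if (f[k] ~ /^SRC=/) src = substr(f[k], 5)
                if (f[k] ~ /^DPT=/) dpt = substr(f[k], 5)
            }
            c[src " " dpt]++
        }
        END { for (key in c) print key, c[key] }
    ' | sort
}

# Demonstration on the constructed sample.
for p in 'SSH_ACCEPT ' 'IIS_ACCEPT'; do
    printf '== %s\n' "$p"
    sample_log | hits "$p"
done
```

On a real host the same function can read the log directly, for example `hits 'IIS_ACCEPT' < /var/log/messages` or `journalctl -k | hits 'IIS_ACCEPT'`; empty output means no line with that prefix was logged.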
