Default Drop Rule v18

Hello John,

I already asked this a couple of months ago. See the discussion here: https://community.sophos.com/xg-firewall/f/discussions/123399/new-drop-all-rule-in-v-18

In short:

- Activating logging on the default drop rule is not possible.
- You can put a explicit deny rule before the default drop rule with logging. This was the method you needed to use in V 17.5 to see the dropped traffic.

But does that work in version 18? When I see #0 on that rule how do you get ahead of it. This is why I have used more than one firewall for years. Not that I want to manage more than one. thanks      *** why they could not just leave the LOG as an option is beyond me? So far it is not working other than showing related outside connections that were initially instigated from the inside. No ankle biter/ bot events are showing. 

But does that work in version 18? When I see #0 on that rule how do you get ahead of it. This is why I have used more than one firewall for years. Not that I want to manage more than one. thanks      *** why they could not just leave the LOG as an option is beyond me? So far it is not working other than showing related outside connections that were initially instigated from the inside. No ankle biter/ bot events are showing.