Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 8 subscribers
  • Views 1316 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Identify which Packet filter (firewall) rule was used to allow or block?

Jay Jay

Short of enabling logging for all firewall rules, is there some way of seeing which rule allowed or blocked certain traffic? Something in console/command line?



This thread was automatically locked due to age.
Parents
  • 0

    Could you try a Policy Test (available as the other tab when you View Logs)? It's mainly to test web policies, hence the name, but does give information on firewall rule matches.

    Or maybe Diagnostics > Connection List with appropriate filtering? (I just tried this and in my particular use case it unfortunately shows "No Rule" for the Rule ID, so maybe not foolproof.)

    Or maybe Diagnostics > Packet Capture? That seems to show Rule ID.

Reply
  • 0

    Could you try a Policy Test (available as the other tab when you View Logs)? It's mainly to test web policies, hence the name, but does give information on firewall rule matches.

    Or maybe Diagnostics > Connection List with appropriate filtering? (I just tried this and in my particular use case it unfortunately shows "No Rule" for the Rule ID, so maybe not foolproof.)

    Or maybe Diagnostics > Packet Capture? That seems to show Rule ID.

Children
Unfiltered HTML