firewall: logging in prerouting rules not shown in 'show log firewall'
Open, NormalPublicBUG
Actions

Assigned To

None

Authored By

	L0crian
	Wed, Dec 24, 5:53 PM

Description

When doing a prerouting rule with logging, the rule isn't showing in show log firewall.

Config:

set firewall ipv4 prerouting raw rule 10 action 'accept'
set firewall ipv4 prerouting raw rule 10 log
set firewall ipv4 prerouting raw rule 10 protocol 'icmp'

show log firewall

vyos@vyos# run show log firewall 
-- No entries --

show log

vyos@vyos# run show log | match ipv4
Dec 24 17:47:55 kernel: [ipv4-PRE-raw-10-A]IN=eth0 OUT= MAC=0c:c1:de:7f:00:00:0c:2a:77:49:00:00:08:00 SRC=10.0.1.2 DST=10.0.2.2 LEN=100 TOS=0x00 PREC=0x00 TTL=254 ID=30 PROTO=ICMP TYPE=8 CODE=0 ID=6 SEQ=0

NOTE: The logs are showing when doing `show log firewall ipv4 prerouting'

vyos@vyos# run show log firewall ipv4 prerouting 
Dec 24 17:47:55 kernel: [ipv4-PRE-raw-10-A]IN=eth0 OUT= MAC=0c:c1:de:7f:00:00:0c:2a:77:49:00:00:08:00 SRC=10.0.1.2 DST=10.0.2.2 LEN=100 TOS=0x00 PREC=0x00 TTL=254 ID=30 PROTO=ICMP TYPE=8 CODE=0 ID=6 SEQ=0

The fix should be as simple as adding PRE to the journalctl regex.

Details

Version: 1.5
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Event Timeline

L0crian created this task.Wed, Dec 24, 5:53 PM

pasik subscribed.Thu, Dec 25, 9:29 AM

Viacheslav triaged this task as Normal priority.Fri, Dec 26, 10:31 AM