2
0
mirror of https://github.com/opnsense/docs synced 2024-11-09 01:10:33 +00:00
opensense-docs/source/manual/logging_firewall.rst
2019-08-27 16:23:45 +02:00

43 lines
2.0 KiB
ReStructuredText

==============
Log Files
==============
When troubleshooting problems with your firewall, it is very likely you have to check
the logs available on your system. In the UI of OPNsense, the log files are generally grouped
with the settings of the component they belong to. The log files can be found here:
================ ======================================================== =============================================================================
**Live View** :menuselection:`Firewall --> Log Files --> Live View` *View firewall logs in realtime, smart filtering can be applied*
**Plain View** :menuselection:`Firewall --> Log Files --> Plain View` *Just the plain contents how **pf** logs into **filter.log** *
================ ======================================================== =============================================================================
.. Note::
Log files on file system:
/var/log/filter.log (clog)
Live View
---------
Live view updates itself in realtime if a rule is matched that has logging enabled or one of the global logging options is enabled under:
:menuselection:`System --> Settings --> Logging`
For better troubleshooting you can provide a filter string. This filter may include regular expressions.
Lets assume one logging entry as one single string without special separators.
So for just displaying packets that match DNS replies from wan to your lan clients in segment 192.168.1.0/24, you have to use:
.. code-block:: sh
WAN.*:53.*192.168.1
or to be even more correct
.. code-block:: sh
WAN.*:53.*192\.168\.1\.
========== ====================== ===================== ====================== ========================
**WAN** **.*** **:53** **.*** **192\.168\.1\.**
Interface 1 or more characters first match of port 1 or more characters destination ip address
========== ====================== ===================== ====================== ========================