Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 4 of 4

    Firewall Logging on ER115

    This is a discussion on Firewall Logging on ER115 within the Router stats forums, part of the Broadband Technical Help category; Hi, I have been looking at the output from the ER115 when sending logs to a syslog server. I have ...

    1. #1
      crayfish101's Avatar
      crayfish101 is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER115
      Sky TV: Sky Q 2TB
      Join Date
      Dec 2018
      Posts
      3
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Firewall Logging on ER115

      Hi,

      I have been looking at the output from the ER115 when sending logs to a syslog server. I have managed to get the logs to be sent successfully but I notice that the firewall rule matches do not provide any detail on the action (Block/Accept).. Is this expected? I was hoping to be able to track traffic by firewall rule Action. I have rules to log always any outbound traffic (Accept) and inbound (Block). These rules do seem to be logging as I can see all the traffix.. but I don't see the action anywhere in the log.

      Here is an example:

      syslog: [355410.324000] always->Any(All)IN=br0 OUT= MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=NNN.NNN.NNN.NNN DST=NNN.NNN.NNN.NNN LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=28743 DF PROTO=TCP SPT=51012 DPT=45395 WINDOW=6


    2. Advertisement
    3. #2
      speedyrite's Avatar
      speedyrite is offline Sky User Member
      Exchange: MYHGT
      Broadband ISP: NOW Broadband
      Router: NOW TV Hub Two
      Sky TV: NOW TV
      Join Date
      Sep 2006
      Posts
      2,303
      Thanks
      356
      Thanked 155 Times in 149 Posts
      Blog Entries
      1

      Re: Firewall Logging on ER115

      I've got the NOW TV equivalent of your Sky router. What you are seeing in the log is correct and that's all you get. You will see an entry every time, regardless of whether the traffic is accepted or blocked. If you have got a port open, e.g. to accept and forward incoming traffic to access a VPN server on your home network, you would then need to have additional security (in this case running on the device that is the VPN server) to decide whether or not the traffic forwarded to the VPN server is allowed access or not. If you see what I mean?
      ++ speedyrite ... powered by NOW Broadband from June 2018 ++
      (previously powered by Sky Broadband from July 2007)

    4. #3
      crayfish101's Avatar
      crayfish101 is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER115
      Sky TV: Sky Q 2TB
      Join Date
      Dec 2018
      Posts
      3
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Firewall Logging on ER115

      That's rather disappointing.I really hope they add that feature. It's really not great without knowing if it was blocked... I am trying a workaround to analyse the traffic against the rules. It seems like a no-brainer to log the firewall action.. is there anywhere we can log feature requests like that?

    5. #4
      speedyrite's Avatar
      speedyrite is offline Sky User Member
      Exchange: MYHGT
      Broadband ISP: NOW Broadband
      Router: NOW TV Hub Two
      Sky TV: NOW TV
      Join Date
      Sep 2006
      Posts
      2,303
      Thanks
      356
      Thanked 155 Times in 149 Posts
      Blog Entries
      1

      Re: Firewall Logging on ER115

      Agree it would be useful. Sorry no idea how/where requests can be logged though.
      ++ speedyrite ... powered by NOW Broadband from June 2018 ++
      (previously powered by Sky Broadband from July 2007)

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION