How to view new tcp sessions log?

Hi,

I would like to see all new tcp sessions.
I put this command in the system:
set system conntrack log tcp destroy

However, I did not find any specific log.
By the “show logs” command, I did not find or look at /var/log/messages

Could you help me?

You could enjoy the output of “conntrack -L”, but I guess you are more after seeing a log entry for every new TCP session that's set up?

Exactly.
I would like to see a log entry for every new TCP session.

Maybe create a firewall rule for new TCP connections (or established) and enable logging for that rule?

Isn't that what these lines in the config are supposed to do?

set system conntrack log icmp new
set system conntrack log other new
set system conntrack log tcp new
set system conntrack log udp new

I thought that, however, I do not see the logs in any files.

The firewall session log is a packet log.
The information security area demanded session logs from me.

Something similar to conntrack -L, but in a log file.

I have opened a task, as these lines don't seem to be working as expected: T5471 Conntrack logging doesnt seem to be working

set system conntrack log icmp new
set system conntrack log other new
set system conntrack log tcp new
set system conntrack log udp new

Hi @Apachez,

Thank you for bringing this to our attention. We appreciate your involvement in the VyOS community and your proactive approach in identifying issues. Thank you again for your engagement in the community.

Best,
Joe
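
An added example, not part of the thread and not VyOS code: the request above is for a log entry per new TCP session, similar to conntrack -L but in a file. One way to get that on a Linux router is to parse the event stream printed by conntrack-tools ("conntrack -E -e NEW -p tcp") into one line per session. The sample lines are constructed, and the function names and output format are assumptions.

```python
import re
import sys

# Matches one event line as printed by `conntrack -E` (conntrack-tools).
EVENT_RE = re.compile(
    r"^\s*\[(?P<event>NEW|UPDATE|DESTROY)\]\s+(?P<proto>\S+)\s+\d+\s+(?P<rest>.*)$"
)
KV_RE = re.compile(r"(\w+)=(\S+)")

# Constructed sample input (documentation addresses), not captured from a router.
SAMPLE = """\
    [NEW] tcp      6 120 SYN_SENT src=192.0.2.10 dst=198.51.100.7 sport=51234 dport=443 [UNREPLIED] src=198.51.100.7 dst=192.0.2.10 sport=443 dport=51234
[DESTROY] tcp      6 src=192.0.2.10 dst=198.51.100.7 sport=51234 dport=443 src=198.51.100.7 dst=192.0.2.10 sport=443 dport=51234 [ASSURED]
    [NEW] udp      17 30 src=192.0.2.10 dst=203.0.113.53 sport=40000 dport=53 [UNREPLIED] src=203.0.113.53 dst=192.0.2.10 sport=53 dport=40000
garbage line
"""

def parse_event(line):
    """Return a dict for one conntrack event line, or None if it does not parse."""
    m = EVENT_RE.match(line)
    if not m:
        return None
    rec = {"event": m["event"], "proto": m["proto"]}
    # Each line carries two tuples (original and reply direction).
    # setdefault keeps the first one, i.e. the direction that opened the session.
    for key, value in KV_RE.findall(m["rest"]):
        rec.setdefault(key, value)
    if not {"src", "dst", "sport", "dport"} <= rec.keys():
        return None  # e.g. ICMP events have no ports
    return rec

def new_tcp_sessions(lines):
    """Yield one log line per NEW tcp event; skip other events and junk."""
    for line in lines:
        rec = parse_event(line)
        if rec and rec["event"] == "NEW" and rec["proto"] == "tcp":
            yield "new tcp session {src}:{sport} -> {dst}:{dport}".format(**rec)

if __name__ == "__main__":
    # Piped input: conntrack -E -e NEW -p tcp | python3 this_script.py
    # Run interactively, the constructed sample is used instead.
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for entry in new_tcp_sessions(source):
        print(entry)
```
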