Is it possible to show which firewall rule was responsible for a
particular block shown on the logs page? This would be really useful
with complicated firewall rules, showing why a packet was blocked.
This thought occurred to me while I was trying to figure out why a
Linksys NSLU2 was being blocked over Port 80 (sample log entry:
12:06:18.130076 LAN 192.168.0.14, port 80 192.168.1.35, port
This is trying to reach it over the VPN connecting my 192.168.0.0/24
home network to my 192.168.1.1/24 work network. I can reach other
hosts on any port fine but the NSLU2 doesn't respond to ping, tcp over
port 80 and mounting a network share on it gets blocked too eventually
although oddly I can connect for a few seconds:
12:10:41.502859 LAN 192.168.0.14, port 139 192.168.1.44, port
I still have no idea about this one because I have no rules blocking
any traffic on the LAN interface.