Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

security firewall name <name> rule <rule-number> log

Enables or disables per-packet logging of firewall rule actions. Use only for debugging purposes.

set security firewall name name rule rule-number log
delete security firewall name name rule rule-number log
show security firewall name name rule rule-number

Actions are not logged.

name
The name of a firewall rule set.
rule-number
The numeric identifier of a rule. The identifier ranges from 1 through 9999.

Configuration mode


security {
    firewall {
        name name {
            rule rule-number {
                log
            }
        }
    }
}

Use the set form of this command to enable or disable logging of firewall rule actions.

Use this type of logging only for debugging purposes. Per-packet logging occurs in the forwarding paths and can greatly reduce the throughput of the system and dramatically increase the disk space used for the log files. For all operational purposes, use stateful session logging instead of per-packet logging (see security firewall session-log <protocol>).

Use the delete form of this command to delete the logging value for a rule.

Use the show form of this command to display the logging value for a rule.