show log firewall
Displays the firewall log.
Logs are displayed for all rules for the specified firewall.
- firewall-name
- Specifies the firewall by name.
- rule-number
- Restricts the output to a firewall rule.
Operational mode
Use this command to display the log for a specified firewall. Include a firewall rule to restrict the output to that rule.
For this command to work, the syslog level must be set to (notice, info, or debug) by using the set system syslog global facility dataplane level command.
The following example shows how to display the log for firewall fw1.
vyatta@vyatta:~$ show log firewall name fw1
2016-05-23T14:17:19.332976+00:00 localhost dataplane[16115]: fw rule fw1:10000 block tcp(6) src=dp0s10/2a:db:9c:f4:a2:a0/10.0.1.1(1000) dst=/52:54:0:13:af:c9/10.0.2.1(80) len=40 ttl=64 window=512 res=0x00 SYN urgp=0
2016-05-23T14:17:19.432974+00:00 localhost dataplane[16115]: fw rule fw1:10000 block tcp(6) src=dp0s10/2a:db:9c:f4:a2:a0/10.0.1.1(1001) dst=/52:54:0:13:af:c9/10.0.2.1(80) len=40 ttl=64 window=512 res=0x00 SYN urgp=0
2016-05-23T14:17:19.533278+00:00 localhost dataplane[16115]: fw rule fw1:10000 block tcp(6) src=dp0s10/2a:db:9c:f4:a2:a0/10.0.1.1(1002) dst=/52:54:0:13:af:c9/10.0.2.1(80) len=40 ttl=64 window=512 res=0x00 SYN urgp=0
2016-05-23T14:17:19.633260+00:00 localhost dataplane[16115]: fw rule fw1:10000 block tcp(6) src=dp0s10/2a:db:9c:f4:a2:a0/10.0.1.1(1003) dst=/52:54:0:13:af:c9/10.0.2.1(80) len=40 ttl=64 window=512 res=0x00 SYN urgp=0
2016-05-23T14:17:19.733200+00:00 localhost dataplane[16115]: fw rule fw1:10000 block tcp(6) src=dp0s10/2a:db:9c:f4:a2:a0/10.0.1.1(1004) dst=/52:54:0:13:af:c9/10.0.2.1(80) len=40 ttl=64 window=512 res=0x00 SYN urgp=0
...
^C
vyatta@vyatta:~$