Switching


Syslog file empty for firewall on QFX5120-32c

    Posted 15 days ago

    I'm attempting to log deny hits on the firewall filter that I have applied to the loopback. Below are the relevant lines from the config:

    set system syslog file firewall firewall any
    set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then count DEFAULT_DENY
    set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then log
    set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then syslog
    set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then discard

    The DEFAULT_DENY hit counter is increasing and there are logs in the buffer:

    switch> show firewall log    
    Log :
    Time      Filter    Action Interface           Protocol        Src Addr                         Dest Addr
    06:34:00  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21
    06:33:56  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21
    06:33:54  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21

    However, the "firewall" log file in /var/log/ remains empty. 

    switch> file list /var/log/ detail | match firewall 
    -rw-rw----  1 root  wheel          0 Sep 11 10:34 firewall

    Am I missing something?

    Thanks,

    -Brian



    ------------------------------
    BRIAN LEHIGH
    ------------------------------