I have the following rules set up:
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Drop invalid connections
chain=input action=drop connection-state=invalid
1 ;;; Allow established connections
chain=input action=accept connection-state=established
2 ;;; Allow internal LAN to connect to the router (required for DNS!)
chain=input action=accept src-address=192.168.0.0/24 in-interface=!WAN
3 chain=input action=log log-prefix="Dropped:"
4 ;;; Drop everything that is not previously allowed
chain=input action=drop
and send some traffic that will be dropped (since the websites respond my host does not answer to ping).
However, I can't see the IP of said sites show up in the log. Any idea what might cause this not to work?
best regards,
Jeroen