CPF logging not working [Resolved]

Hi all. I have searched the message base, but can’t find a answer that fits the question. :-[
While trying to trouble shoot a problem with FTP Passive not working, I went to look at the logs and found that as of 10/10/06 the logs have stopped being recorded. That is there are NO errors showing. I know that I should at least see some ICMP errors.

Has anyone else seen this problem and maybe have a cure for it. ;D


(B) Lee

Yes, when the user has accidentally replaced/removed CPFs default blocking rule (should be the last rule - Block & Log) from the Network Monitor. Check the Network Monitor & ensure this rule is still present. Post an image of your Network Monitor rules, if you’re uncertain.

I checked the various rules first thing. They are there. If I check the box for outgoing TCP, a log is made in this case. Just not the usual stuff I am used to seeing. I couldn’t be this lucky. ;D

Thanks for the idea.

(B) Lee

Luck is not a factor. :wink:

Seriously, just to be certain… I think you should visit one those web-based scan sites (a couple of URLs below). Assuming you’re not behind a router (or some such kit that has a hardware firewall), then this should put something in your log. Failing that, get a friend (who you explicitly trust) to poke at your firewall from their system.

GRC - GRC | Gibson Research Corporation Home Page  
Sygate - http://scan.sygate.com/

Kail, thats a great idea. I will take a detour over to one of those sites and see what happens.

(B) Lee

Well, I had a little free time this evening and did several ONLINE checks. Sure enough, there are entry’s in the log. I can only assume that CPF has WORKED SO WELL that I no longer have any baddies causing internal problems, and have been just plain lucky with no on line hits recently.
Thanks for all of your help.

(B) Lee

No problem Lee. I’m just glad its working.