I setup some firewall rules to block all traffic EXCEPT for DNS and HTTP. The DNS rule works fine… The HTTP rule doesn’t seem to work, http traffic is still dropped.
When I look at the logs, I see the traffic but, I don’t see:
1) What protocol the traffic is (and therefore why it’s being dropped).
2) whether the traffic is accepted or dropped by the rules.
How/where can I see this information? Is there a system log somewhere? Are there logging options that I am missing?