When zone logging is enabled and the global forward policy set to drop or
reject, then stage an extra logging rule to log traffic that will be
dropped by subsequent rules or the global reject policy.
Ref: https://forum.openwrt.org/t/x/137182/4
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{% endif %}
{% fw4.includes('chain-append', `forward_${zone.name}`) %}
jump {{ zone.forward }}_to_{{ zone.name }}
+{% if (fw4.forward_policy() != "accept" && (zone.log & 1)): %}
+ log prefix "{{ fw4.forward_policy() }} {{ zone.name }} forward: "
+{% endif %}
}
{% if (zone.dflags.helper): %}