Bridge traffic and LOG rules to syslog

  • 14 April 2020
  • 1 reply

I’m wondering what bridge traffic is in the following context:

Bridge traffic that matches LOG ACTION rules are not logged in syslog; the kernel and hardware identify packets using different information.

I’ve been trying to get LOG rules for inter-vlan traffic and traffic that ends up in the INPUT chain to show up in syslog. I can see the counters of the LOG rules increasing but alas, nothing in syslog. Is bridge traffic more than just L2 in this context? Switch info:

Build............ Cumulus Linux 4.0.0
Model............ Accton AS5812
ASIC............. Broadcom Trident2+ BCM56864


1 reply

Userlevel 5

Any traffic using VLANs which are a layer2 concept, are generally using a bridge to move between VLANs. In that case the caveat would apply. What you are seeing is expected given the documentation note.