I am new to awall and having some difficulties. First, dropped packets
are not showing in /var/log/messages. According to the documentation
(https://wiki.alpinelinux.org/wiki/How-To_Alpine_Wall#Logging), this
should happen by default. I explicitly added a drop rule
({ "in": "LAN", "action": "drop" }) in the policy section, which caused
a log rule to show up in iptables (logdrop-0 all -- anywhere anywhere,
with a corresponding logdrop-0 chain), but I still see nothing in the
logs. I tested this by disabling my ssh rule (which does result in ssh
being blocked), and tailing /var/log/messages while attempting to ssh to
the machine.
Additionally, awall seems to ignore my use of zones. I have defined two
zones and use them in my rules, but every line in iptables has a source
and destination of 'anywhere'. For example, I have LAN defined
("LAN": { "iface": "eth0" }) and use it in my allow ssh rule:

    {
        "description": "Allow SSH in",
        "filter": [
            {
                "in": "LAN",
                "out:": "_fw",
                "service": "ssh",
                "action": "accept"
            }
        ]
    }

but the resulting rule in iptables is

    ACCEPT tcp -- anywhere anywhere tcp dpt:ssh

What am I doing wrong? Any help would be greatly appreciated.

    $ apk list -I | grep awall
    awall-1.7.1-r0 x86_64 {awall} (GPL-2.0) [installed]
    $ cat /etc/alpine-release
    3.11.3