Received: from mail-qt1-f174.google.com (mail-qt1-f174.google.com [209.85.160.174])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id C45BE781F34
	for <~alpine/users@lists.alpinelinux.org>; Wed,  1 Apr 2020 20:10:55 +0000 (UTC)
Received: by mail-qt1-f174.google.com with SMTP id z24so1315429qtu.4
        for <~alpine/users@lists.alpinelinux.org>; Wed, 01 Apr 2020 13:10:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:from:date:message-id:subject:to;
        bh=x1pxCcxm9Be30ofVelHCFTmHHYnv2sCLv2IfLJtmEwU=;
        b=WkWmQReD1jxQ3Wj8MZEs0Hna1skv+uW+WyKWjf0SoL9DYXBjvAxZXdcDWs9ZDxEvWG
         x+Y3zTVxOi6jUXEKEDw3SDBWyM1+UrWMIN+XvpRwM7uWHCLQA96/JRrIrIxG8kPC9i5h
         atgMPlQe+YLaT0cwt7Ye0aSu2fmSDbu1fEKonDAW+eVaPlxSBURMN2GLMgMJzFtKVWzz
         cyyJdxb+Nm8oVKBE755g/1xzFkx8vqWGBrFD6Fx44gXGDiIoOoEragGT7+QqqspHsPHd
         KMe0bG7E3pDPqTk4Cryc/Lt5lSn6Zk7CANrGdMEgJafKz1yKlKv8L/iWYGzywhQy5JgJ
         b8wA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=x1pxCcxm9Be30ofVelHCFTmHHYnv2sCLv2IfLJtmEwU=;
        b=T40yz9QGibMhIkby1VF4UnfBgtCblcdlNiFgJrDnJH3TL/oYVFtOaumuZt6Uuef+JG
         KqCM1LUkr7vFOjALoUjLuQXiqflDu3Uu+mfMGVTqjRmoMsUvLoD03t2EcfZZvqyswAQU
         58t8MoUG6SRlOUj8RjoSfx8L7WXP+04cq4YVTytqm+2/QorniVNb82Sf8sSZeis9tzUW
         n7XJNXdfA475zW6hlUS+J//7mD0UeqTRFpL3xaMnyKr+5GAgjJAnrjKriN3vf593VykA
         mE0po0S0OMcwXLXziTgmh70mmmxK7ggBumZRrKh4on5+nXnITRwMQsbGXmwODlWruGLP
         4K/A==
X-Gm-Message-State: ANhLgQ3o630EL2cwsuu5u1QT54nqczT1YyGooUhqet3tgF5Mk1Zhy419
	VwWucC/5gYzefuKD/wW2SsCQxDDBBvsChlm8wamiOQIy
X-Google-Smtp-Source: ADFU+vu/YtWAu6lWQzl+BkefscqMzWzTKgz7pihTOFoDlmAv9n1efgtEUQB1C+swUajQ0rG8F+GThlqVgLhs6qYxp4w=
X-Received: by 2002:ac8:12cb:: with SMTP id b11mr12295421qtj.384.1585771854142;
 Wed, 01 Apr 2020 13:10:54 -0700 (PDT)
MIME-Version: 1.0
From: Andrew Duty <andrew.duty.87@gmail.com>
Date: Wed, 1 Apr 2020 14:10:42 -0600
Message-ID: <CABsR=fQwROqVUf+k5kBBQAAEDmyqnoVHMF9-L+S1mKYHjU8BNw@mail.gmail.com>
Subject: awall difficulties
To: ~alpine/users@lists.alpinelinux.org
Content-Type: text/plain; charset="UTF-8"

I am new to awall and having some difficulties. First, dropped packets
are not showing in /var/log/messages. According to the documentation
(https://wiki.alpinelinux.org/wiki/How-To_Alpine_Wall#Logging), this
should happen by default. I explicitly added a drop rule
({ "in": "LAN", "action": "drop" }) in the policy section, which caused
a log rule to show up in iptables(logdrop-0  all  --  anywhere anywhere,
with a corresponding logdrop-0 chain), but I still see nothing in the
logs. I tested this by disabling my ssh rule (which does result in ssh
being blocked), and tailing /var/log/messages while attempting to ssh to
the machine.

Additionally, awall seems to ignore my use of zones. I have defined two
zones and use them in my rules, but every line in iptables has a source
and destination of 'anywhere'. For example, I have LAN defined
("LAN": { "iface": "eth0" }) and use it in my allow ssh rule:

{
  "description": "Allow SSH in",

  "filter": [
    {
      "in": "LAN",
      "out:": "_fw",
      "service": "ssh",
      "action": "accept"
    }
  ]
}

but the resulting rule in iptables is

ACCEPT  tcp  --  anywhere  anywhere  tcp dpt:ssh

What am I doing wrong? Any help would be greatly appreciated.

$ apk list -I | grep awall
awall-1.7.1-r0 x86_64 {awall} (GPL-2.0) [installed]

$ cat /etc/alpine-release
3.11.3