logging pass rules

Travis H. solinym at gmail.com
Sun May 7 21:38:54 UTC 2006


On 5/6/06, Aguiar Magalhaes <magalhj at yahoo.com.br> wrote:
> I'd like to make the same with the pass rules and then
> to know the matched pass rule:
>
> block log all
> pass in on $int_if inet proto tcp from $internal_net
> to any port 80 keep state
> pass in on $int_if proto udp from $internal_net to any
> port 53 keep state
> ... etc
>
> Do I have to add the word "log" for each pass rule ?
> Is there another way ?

pfctl -s rules -v -v (check "Evaluations" and "Packets" fields)

> How can i do it ?

p="pass log"
$p in on $int_if inet proto tcp from $internal_net...

See?  I've saved you two whole bytes per rule!
--
"Curiosity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484
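The counter approach above answers "which pass rules are seeing traffic" without adding `log` to every rule, but reading the per-rule counters by eye gets tedious on a long ruleset. The following is an added example, not code from the original message or from the FreeBSD pf project: a small Python parser for the verbose `pfctl -s rules -vv` listing that reports the pass rules with a non-zero Packets count and the rules that have never matched. The sample text embedded below is constructed to approximate pfctl's layout (an `@N` rule line followed by an `Evaluations/Packets/Bytes/States` counter line); the interface name, addresses and counter values are made up. Two caveats for anyone using this in practice: the counters are cumulative since the rules were loaded (`pfctl -z` zeroes them, so zero them before a test and read them after), and they tell you which rules have matched some traffic, not which rule matched a given packet. For per-packet attribution you still need `log` on the rule and `tcpdump -n -e -i pflog0`, whose output names the rule number that matched.

```python
import re
from typing import Dict, List

# Constructed sample approximating `pfctl -s rules -vv` output (-vv adds the
# @N rule numbers; -v adds the counter line). Not captured from a real host;
# interface, networks and counter values are invented for illustration.
SAMPLE_PFCTL_OUTPUT = """\
@0 block drop log all
  [ Evaluations: 18422     Packets: 37        Bytes: 2960        States: 0     ]
  [ Inserted: uid 0 pid 812 State Creations: 0     ]
@1 pass in log on em1 inet proto tcp from 192.168.1.0/24 to any port = http flags S/SA keep state
  [ Evaluations: 18385     Packets: 9120      Bytes: 6844812     States: 4     ]
  [ Inserted: uid 0 pid 812 State Creations: 211   ]
@2 pass in log on em1 inet proto udp from 192.168.1.0/24 to any port = domain keep state
  [ Evaluations: 9265      Packets: 1402      Bytes: 184550      States: 2     ]
  [ Inserted: uid 0 pid 812 State Creations: 701   ]
@3 pass in log on em1 inet proto tcp from 192.168.1.0/24 to any port = https flags S/SA keep state
  [ Evaluations: 7863      Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 812 State Creations: 0     ]
"""

# "@<number> <rule text>"
RULE_RE = re.compile(r"^@(\d+)\s+(.*\S)\s*$")
# "  [ Evaluations: N  Packets: N  Bytes: N  States: N ]"
COUNTERS_RE = re.compile(
    r"^\s*\[\s*Evaluations:\s*(\d+)\s+Packets:\s*(\d+)"
    r"\s+Bytes:\s*(\d+)\s+States:\s*(\d+)\s*\]"
)


def parse_rules(text: str) -> List[Dict]:
    """Turn a -vv rule listing into one dict per rule with its counters.

    A counter line belongs to the most recent @N rule line; rules whose
    counter line is missing keep zeroed counters rather than being dropped.
    """
    rules: List[Dict] = []
    current = None
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            current = {
                "number": int(m.group(1)),
                "rule": m.group(2),
                "evaluations": 0,
                "packets": 0,
                "bytes": 0,
                "states": 0,
            }
            rules.append(current)
            continue
        m = COUNTERS_RE.match(line)
        if m and current is not None:
            (current["evaluations"], current["packets"],
             current["bytes"], current["states"]) = (int(g) for g in m.groups())
    return rules


def matched_pass_rules(text: str) -> List[Dict]:
    """Pass rules that have been credited with at least one packet."""
    return [r for r in parse_rules(text)
            if r["rule"].startswith("pass") and r["packets"] > 0]


def unused_rules(text: str) -> List[Dict]:
    """Rules (pass or block) that have matched nothing since the counters were reset."""
    return [r for r in parse_rules(text) if r["packets"] == 0]


if __name__ == "__main__":
    # On a real firewall replace SAMPLE_PFCTL_OUTPUT with
    # subprocess.run(["pfctl", "-s", "rules", "-vv"], capture_output=True, text=True).stdout
    print("pass rules that have matched traffic:")
    for r in matched_pass_rules(SAMPLE_PFCTL_OUTPUT):
        print(f"  @{r['number']:<3} pkts={r['packets']:<8} evals={r['evaluations']:<8} {r['rule']}")
    print("rules with no matches yet:")
    for r in unused_rules(SAMPLE_PFCTL_OUTPUT):
        print(f"  @{r['number']:<3} {r['rule']}")
```

Evaluations tells you how many packets reached a rule during ruleset evaluation; Packets tells you how many were actually attributed to it, so a rule with a large Evaluations count and zero Packets is one the traffic keeps skipping past, which is often a hint that an earlier rule (or a `quick` rule) is catching what you expected this one to match.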