Date: Sun, 7 May 2006 16:38:53 -0500
From: "Travis H." <solinym@gmail.com>
To: "Aguiar Magalhaes" <magalhj@yahoo.com.br>
Cc: freebsd-pf@freebsd.org
Subject: Re: logging pass rules
Message-ID: <d4f1333a0605071438w687d749agcf50924764109c45@mail.gmail.com>
In-Reply-To: <20060507003840.46676.qmail@web31608.mail.mud.yahoo.com>
References: <20060507003840.46676.qmail@web31608.mail.mud.yahoo.com>

On 5/6/06, Aguiar Magalhaes <magalhj@yahoo.com.br> wrote:
> I'd like to make the same with the pass rules and then
> to know the matched pass rule:
>
> block log all
> pass in on $int_if inet proto tcp from $internal_net
> to any port 80 keep state
> pass in on $int_if proto udp from $internal_net to any
> port 53 keep state
> ... etc
>
> Do I have to add the word "log" for each pass rule ?
> Is there another way ?

pfctl -s rules -v -v
(check "Evaluations" and "Packets" fields)

> How can I do it ?

p="pass log"
$p in on $int_if inet proto tcp from $internal_net...

See? I've saved you two whole bytes per rule!
--
"Curiosity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
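
An added example, not part of the original message: a shell function that reads `pfctl -s rules -v -v` output and lists the pass rules whose "Packets" counter is non-zero. The sample output, the interface name `fxp1`, the addresses and the counter values are constructed for illustration.

```shell
# Constructed sample in the layout printed by `pfctl -s rules -v -v`
# (interface, addresses and counters are made up for illustration).
sample_pfctl_output() {
cat <<'EOF'
@0 block drop log all
  [ Evaluations: 5120      Packets: 37        Bytes: 2220        States: 0     ]
@1 pass in on fxp1 inet proto tcp from 192.168.1.0/24 to any port = http keep state
  [ Evaluations: 5120      Packets: 4312      Bytes: 3104640     States: 12    ]
@2 pass in on fxp1 proto udp from 192.168.1.0/24 to any port = domain keep state
  [ Evaluations: 808       Packets: 0         Bytes: 0           States: 0     ]
EOF
}

# Print "rule-number packets rule-text" for every pass rule whose
# Packets counter is non-zero, i.e. the pass rules that actually matched.
matched_pass_rules() {
    awk '
        # Rule line: "@<number> <rule text>"; remember number and text.
        /^@[0-9]+ / {
            num = substr($1, 2)
            rule = $0
            sub(/^@[0-9]+ /, "", rule)
            next
        }
        # Counter line that follows the rule: find the Packets field.
        /Evaluations:/ && rule ~ /^pass / {
            for (i = 1; i < NF; i++)
                if ($i == "Packets:" && $(i + 1) + 0 > 0)
                    printf "%s %s %s\n", num, $(i + 1), rule
        }
    '
}

# Demonstration on the constructed sample.
sample_pfctl_output | matched_pass_rules
```

On a live firewall the same function takes the real output: `pfctl -s rules -v -v | matched_pass_rules`. The counters are totals per rule since the ruleset was loaded, so they show which pass rules are being hit but not which rule matched an individual packet.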