Date: Fri, 09 Sep 2005 14:52:15 -0400
From: bob self <bobself@charter.net>
To: freebsd-pf@freebsd.org
Subject: selective logging of what pf is rejecting?
Message-ID: <4321D9DF.5080206@charter.net>

My pf.conf file looks something like this:

    block in all
    block out all
    pass quick on lo0 keep state
    antispoof for $ext_if
    pass in on $ext_if from <goodguys> to any keep state
    pass in log on $ext_if proto tcp from any to $ext_if port 80 flags S/SA keep state label "www" #apache
    block in on $ext_if from <badguys> to any
    pass out on $ext_if proto tcp from any to any flags S/SA keep state # allow any tcp setup out
    pass out on $ext_if proto udp all keep state # allow any udp out
    pass on $ext_if inet proto icmp all icmp-type 8 code 0 keep state # allow echo request in or out, (man pf.conf:1618)

Is there a way I can turn on (temporarily) logging of what pf is not allowing to come in?

Also, is there a real-time tool that will let you watch what pf is blocking from coming in?

How could you just log what pf allows to get through?

thanks,
Bob Self
