From owner-freebsd-pf@freebsd.org  Thu Jun 15 18:21:56 2017
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0CDADD8F9FD
 for <freebsd-pf@mailman.ysv.freebsd.org>; Thu, 15 Jun 2017 18:21:56 +0000 (UTC)
 (envelope-from mg@maltedoc.de)
Received: from mail.maltedoc.de (mail.maltedoc.de [IPv6:2001:1608:10:226::4])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits)) (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A8A5A7EF8C
 for <freebsd-pf@freebsd.org>; Thu, 15 Jun 2017 18:21:55 +0000 (UTC)
 (envelope-from mg@maltedoc.de)
Received: from garlic.maltedoc.de (unknown [IPv6:2001:1608:10:226::7])
 by mail.maltedoc.de (Postfix) with ESMTPSA id C2E711B71B4
 for <freebsd-pf@freebsd.org>; Thu, 15 Jun 2017 20:25:34 +0200 (CEST)
To: freebsd-pf@freebsd.org
From: Malte Graebner <mg@maltedoc.de>
Subject: pf logging only no active filtering
Message-ID: <ce326104-b653-1839-8b2a-687a39da7188@maltedoc.de>
Date: Thu, 15 Jun 2017 20:21:50 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.1.0
MIME-Version: 1.0
Content-Language: en-US
X-PPP-Message-ID: <20170615182534.17590.38891@mail.maltedoc.de>
X-PPP-Vhost: maltedoc.de
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.23
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Jun 2017 18:21:56 -0000

Hello folks,
is there an option, to only log all stuff going on via "log" command and 
without taking any action to traffic flow itself ?

I'm migrating an existing iptables firewall, and i want to set the new 
one in front of it and bridge the traffic to the old one. Meanwhile I 
want to test my iptables -> pf ruleset and snooping the bridge traffic 
with pflog and tcpdump, but the "new" firewall needs to let the traffic 
flow without take any actions except logging.


br,

malte