Date: Fri, 09 Sep 2005 14:52:15 -0400
From: bob self <bobself@charter.net>
To: freebsd-pf@freebsd.org
Subject: selective logging of what pf is rejecting?
Message-ID: <4321D9DF.5080206@charter.net>
My pf.conf file looks something like this:

block in all
block out all
pass quick on lo0 keep state
antispoof for $ext_if
pass in on $ext_if from <goodguys> to any keep state
pass in log on $ext_if proto tcp from any to $ext_if port 80 flags S/SA keep state label "www" #apache
block in on $ext_if from <badguys> to any
pass out on $ext_if proto tcp from any to any flags S/SA keep state # allow any tcp setup out
pass out on $ext_if proto udp all keep state # allow any udp out
pass on $ext_if inet proto icmp all icmp-type 8 code 0 keep state # allow echo request in or out, (man pf.conf:1618)

Is there a way I can turn on (temporarily) logging of what pf is not allowing to come in? Also, is there a real-time tool that will let you watch what pf is blocking from coming in?

How could you just log what pf allows to get through?

thanks,
Bob Self
