[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF/logging rule number



On Sat, Nov 02, 2002 at 01:53:09AM -0500, Jason Dixon wrote:
> Does anyone else think that the ability to log the last matching rule
> number (as indexed in 'pfctl -s rules') would be a glorious feature? 
> This is found in iptables and is a really nice debugging tool.
It's already there.  Use the "-e" option to tcpdump to get
link-level headers when reading from the pflog0 interface.  E.g.:
	tcpdump -e -n -ttt -l -i pflog0 
	- deej
-- 
Daniel (DJ) Gregor
OSU Network Security Group
http://www.net.ohio-state.edu/security/