How to use regex in pfsense firewall logs (GUI)
-
pfSense: 2.3.2-RELEASE-p1
How can I filter two ports in the firewall logs? I just can't figure it out.
Go to Status > System Logs > Firewall > Normal view > Advanced Log Filter to try. Like on the picture, I want to filter out every IP using ports 5223 and 993. But no result. I looked up in the regex doc, tried multiple combinations but nothing works. When I put one value, then there is no problem.
-
Remove the space.
What that is actualy filtering on is "5223 "|" 993"
-
Well thank you very much NOYB! Quick and efficient!
-
You're welcome.
It's an area of the system I'm very familiar with. ;)
-
!(5223|993) In the source and/or destination ports.
