Rules info 1770009538.. as an example



  • Hello PFSense Masters.. I am having hard time to identify where to get the info about a code 1770009538 (as an example).. I would like to get that data so I could create a new rule if it gets false positive.

    Thanks


  • Moderator

    "1770" rules are for pfBlockerNG. You can edit your pfSense firewall log settings to show the Descriptions as a second line.



  • thanks here is an example of the one I wonder

    1000000110

    Ty!


  • LAYER 8 Global Moderator

    Just enable the descriptions in the firewall log settings… Or just view the full rules with

    https://doc.pfsense.org/index.php/How_can_I_see_the_full_PF_ruleset

    And you can see which rule that number shows up on..

    [2.4.2-RELEASE][root@sg4860.local.lan]/root: pfctl -vvsr | grep 1000000110
    @23(1000000110) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echoreq keep state
    @24(1000000110) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state
    @25(1000000110) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state
    @26(1000000110) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state
    @27(1000000110) pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state
    [2.4.2-RELEASE][root@sg4860.local.lan]/root:


Log in to reply