Firewall Logging of Dropped Packets

  • I need to log all dropped packets going through my pfSense based on firewall drop rules. This could easily turn into hundreds of Kpps of packets getting dropped at any given time.

    • Is there a way to rate limit the logging of dropped packets?
    • How does pfSense handle the attempt to log (write locally or forward) more drop logs than it can handle?


  • LAYER 8 Global Moderator

    Out of the box pfsense logs all dropped backs hitting the wan. And even on the lan if its out of state and dropped it would be logged.

    If you have a question about your specific rules you will need to post them so we have some reference to discuss.

  • This post is deleted!

Log in to reply