Would like the filter log to show IP that are related to an alias
-
Hello all, I have created an alias with malicious IPs (the alias name is Malicious) and I would like to see if any of these addresses has been used in incoming or outgoing connections. Is there a way to see anything in the log with the name "alias" ?
Thank you.
-
Put a description on your rule where you use this alias.. And then sure it will list that name/desc in your log..
I don't see how you can filter on rule name in the normal filter, etc. But you could always just search the name in your browser..
example
-
Using a specific rule with an appropriate description is the only viable way. Doing a reverse lookup on the address to find it in aliases/tables may be possible but it doesn't scale well. Especially when you get into situations like pfBlocker where there may be hundreds of thousands of table entries.