Netgate Discussion Forum
    Logging traffic on rule even if logging is switched off for the current rule

    1.2.3-PRERELEASE-TESTING snapshots - RETIRED

    • eskild

      
      Using: pfSense-Full-Update-1.2.3-20090407-0949.tgz.gz
      
      The following is logged on syslog and in "Diagnostics: System logs: Firewall" when "Show raw filter logs" is enabled. If "Show raw filter logs" is disabled, the entry is only visible on the syslog server:
      
      pf: 7. 969869 rule 204/8(ip-option): pass in on rl0: (tos 0x0, ttl 54, id 78, offset 0, flags [DF], proto TCP (6), length 313, options (EOL)) xx.xxx.xxx.xx.50039 > 192.168.123.29.61456: P 0:257(257) ack 1 win 33120 <nop,nop,timestamp 0 7120472>

      The logging for this rule is not enabled:
      
      <rule>
      	<type>pass</type>
      	<interface>wan</interface>
      	<max-src-nodes/>
      	<max-src-states/>
      	<statetimeout/>
      	<statetype>keep state</statetype>
      	<os/>
      	<protocol>tcp/udp</protocol>
      	<source>
      		<any/>
      	</source>
      	<destination>
      		<address>192.168.123.29</address>
      		<port>61456</port>
      	</destination>
      </rule>
      
      I have not noticed this behaviour for other rules.
      
      Besides this, thank you for this excellent firewall.
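An added example, not part of the original post and not pfSense code: a small triage script that parses a raw filter log line like the one above, finds the configured rule with the same destination address and port, and reports the entry when that rule carries no logging flag. It assumes that rule logging is stored as a `<log/>` child element in the rule, that addresses are IPv4, and that matching on destination alone is enough; all function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Sample input taken from the post (source address masked as posted, TCP options omitted).
LOG_LINE = ("pf: 7. 969869 rule 204/8(ip-option): pass in on rl0: (tos 0x0, ttl 54, "
            "id 78, offset 0, flags [DF], proto TCP (6), length 313, options (EOL)) "
            "xx.xxx.xxx.xx.50039 > 192.168.123.29.61456: P 0:257(257) ack 1 win 33120")

# The rule from the post, reduced to the elements this check reads.
RULE_XML = """<rule><type>pass</type><interface>wan</interface>
<statetype>keep state</statetype><protocol>tcp/udp</protocol>
<source><any/></source>
<destination><address>192.168.123.29</address><port>61456</port></destination>
</rule>"""

# "rule <nr>/<subrule>(<reason>): <action> <direction> on <interface>:"
HEADER = re.compile(r"rule (?P<rule>\d+)/(?P<sub>\d+)\((?P<reason>[^)]+)\): "
                    r"(?P<action>\w+) (?P<dir>in|out) on (?P<iface>\S+):")
# "<src>.<sport> > <dst>.<dport>:" (IPv4 with the port as the last dotted field)
ENDPOINTS = re.compile(r"(?P<src>\S+) > (?P<dst>\S+):")


def parse_entry(line):
    """Extract rule number, reason, action, interface and destination from a raw line."""
    head, ends = HEADER.search(line), ENDPOINTS.search(line)
    if not head or not ends:
        return None
    addr, _, port = ends.group("dst").rpartition(".")
    entry = head.groupdict()
    entry.update(dst_addr=addr, dst_port=port)
    return entry


def unexpected_log(line, rules_xml):
    """Return the parsed entry if it matches a rule that has no <log/> element (assumed flag)."""
    entry = parse_entry(line)
    if entry is None:
        return None
    root = ET.fromstring("<filter>" + rules_xml + "</filter>")
    for rule in root.iter("rule"):
        same_dst = (rule.findtext("destination/address") == entry["dst_addr"]
                    and rule.findtext("destination/port") == entry["dst_port"])
        if same_dst and rule.find("log") is None:
            return entry
    return None


if __name__ == "__main__":
    hit = unexpected_log(LOG_LINE, RULE_XML)
    if hit:
        print("logged without log flag: rule %(rule)s reason=%(reason)s on %(iface)s" % hit)
```
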
      