5. Logging traffic on rule even if logging is switched off for the current rule

Logging traffic on rule even if logging is switched off for the current rule

  • E
     

    
Using: pfSense-Full-Update-1.2.3-20090407-0949.tgz.gz

The following is logged on syslog and in "Diagnostics: System logs: Firewall" when "Show raw filter logs" is enabled. If "Show raw filter logs" is disabled, the entry is only visible on the syslog server:

pf: 7\. 969869 rule 204/8(ip-option): pass in on rl0: (tos 0x0, ttl 54, id 78, offset 0, flags [DF], proto TCP (6), length 313, options (EOL)) xx.xxx.xxx.xx.50039 > 192.168.123.29.61456: P 0:257(257) ack 1 win 33120 <nop,nop,timestamp 0="" 7120472="">The logging for this rule is not enabled:

 <rule><type>pass</type>
			<interface>wan</interface>
			 <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
			 <os><protocol>tcp/udp</protocol>
			<source>
				 <any><destination><address>192.168.123.29</address>

				<port>61456</port></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule> 

I have not noticed this behaviour for other rules.

Besides this, thank you for this excellent firewall.</nop,nop,timestamp>
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy