Is it possible to temporarily enable logging on all firewall rules?

  • (...with a few clicks only.)

    I'm trying to find the rule that's permitting traffic from a device, it's not set to log.

    Usually it would be pretty easy to find the rule in the live view but if it's not logged...yeah. Can logging be enabled/disabled/setbacktopreviousstate for all rules at once?

    The output to a syslog server; is it only generated by the logged rules on pfSense or is it the raw filtering (meta)data?

    Possible option B would be pfBlockerNG to attempt of making it adding the hosts into an alias then use that to create a temporary rule and so on, or that's the idea. :)