Super Dumb Question re Logs
-
Been having 'issues' with IPSec so have been paying more attention to the firewall log than usual - and I have come to a conclusion.
I have no idea how to link a log entry to a particular rule … I mean rule 179 doesn't exactly tell me much - given that none of my rules have numbers.
i.e. pf: 124. 995672 rule 179/0(match): block in on ng0:
sure I know it was blocked, sure I can even identify the IP Addresses and there is a short 'description' i.e igmp query v2 but thats it ....
This is just an example of the problem for me - can somebody please explain this stuff ... pf: 124. 995672 rule 179/0(match)
And tell me how to identify the 'rule' that it thinks matches.
-
If you view the logs in the gui, click the red "x" icon and it will show a window with the rule.
From the CLI, use the output of "pfctl -vvsr"
-
I am looking from the web interface and …. what red cross ?????
There are no red crosses anywhere on my log window.
And then I changed the view .... there is the red cross on the simple view .... when viewing in raw format there is no red cross - and I've only been using pFsense 2 years :-[