    Issues / Complaints with firewall log display

      txadmin last edited by

      Hi,

      I've noticed several issues with the firewall log displays in pfSense. Some are regressions, I believe, while some are marked WONTFIX and I take issue with that. Below are my findings.

      Regression 2.1 RC0 -> 2.1.3: Firewall logs don't show names of rules

      I just upgraded, and the firewall names (sometimes useless though they are, see below) have disappeared. Now, only the interface is shown in the log.

      Bug: Reject rules show up in the logs with the red "block" symbol

      I believe traffic triggered by reject rules should have the yellow X beside them to better indicate the action taken.

      Feature request: Make the firewall log rule names consistent

      When security policy changes in the pfSense firewall, the log information on the rule name shifts, giving inaccurate information. I have seen several posts suggesting that this is a WONTFIX, and that's just the nature of the pf firewall logs. Is this a deficiency in pfSense, or pf? Every professional firewall vendor has consistent logs regarding the rule that triggered an event. From a security and investigative perspective, a firewall log that contains inconsistent data is useless. Do I need a plugin? Is there any way to resolve this?

        jimp Rebel Alliance Developer Netgate last edited by

        @txadmin:

        Regression 2.1 RC0 -> 2.1.3: Firewall logs don't show names of rules

        That is an option in the system log settings. They can be configured to show as their own column, their own row, or not at all. Your old snapshot may have been before it was moved to its own option.

        @txadmin:

        Bug: Reject rules show up in the logs with the red "block" symbol

        That's how pf logs them, nothing we can do about that.

        @txadmin:

        Feature request: Make the firewall log rule names consistent

        We are doing this on 2.2: each rule is getting its own tracking ID that won't change. This is already done in 2.2 and should be working now.
