Pfblockerng alrerts filter
-
i want to show only the alltert from a specific list and hide all the other.. sorry for my english :-\
i have installed pfblockerng from system -> package
i can filter by:
Date, Interface, Rule Number Only, Protocol, Source IP Address, Source Port, Destination IP Address and Destination Port. -
Yes. So
- either do NOT log the other lists if you do not want to see them
- or use the rule number shown in the alert log
What is your trouble exactly with using the filtering?
-
i have 10 list (crate a large number of allert), one of this list triggerd an allert (only one) but i can't fnd it in the allert log so i can't find who triggered it. and i don't know wich number rule insert in the filter…
EDIT: i want to see also the other allert so i don't want to diable the log for the other list...
EDIT2: i have see in the dashboard (pfblockerng widget) that the list blocked a packet but i can't find it in the log! -
How don't you know the list when it's shown directly in the alerts GUI?!? The last column is the list! You don't even need any filtering for that! Stop staring at the widget, go to Firewall - pfBlockerNG - Alerts. (When you click the pfBlockerNG widget title, it takes you right there!)
-
sorry for the edit of old post…i rewrite it there:
in the pfblocker widget (dashboard) i can see that the list triggerd an allert but i can't find it in the alerts and i cant set a fiter to show only that list -
Dude… the LAST COLUMN is the LIST!!! Kindly scroll right. Ugh!
-
ok..yes..but have a LARGE number of alert and i can t find the one from that list. and i don't know when it was triggered..so it's very difficult to find without a filter option…
-
So learn to use the filter! It's not like there'd be exactly a lack of options for filtering…
-
ok..yes..but have a LARGE number of alert and i can t find the one from that list. and i don't know when it was triggered..so it's very difficult to find without a filter option…
Your alerts tab might be out of sync with your firewall logs. Clear your firewall logs in <system><logs><firewall>. Wait a bit and try to match that up again like the Doktor suggested.
-> Edited because I was just working on a sink, and I can't spell. LMAO</firewall></logs></system>
-
