Netgate Discussion Forum

Firewall rule numbers in syslog?

    kapara
    last edited by Apr 29, 2008, 9:49 AM

    Is there a way by looking at this log to tell which rule has allowed the packet to pass?  Can this be referenced?  rule 53/0(match):  I know I can find it since I allowed port 21 to 10.10.0.14 but I was hoping there might be an easy way to reference the rules by looking at the syslog and pinpointing which rule either allowed or blocked traffic.

    2008-04-28 22:04:43 Local0.Info 10.10.0.1 Apr 28 22:04:42 pf: 20. 480571 rule 53/0(match): pass in on em0: (tos 0x0, ttl  47, id 50838, offset 0, flags [DF], proto: TCP (6), length: 64) (From IP).51474 > 10.10.0.14.21: S 2638049757:2638049757(0) win 65228 <mss 1460,nop,wscale 0,[|tcp]>

    Thanks

    Mark

    Skype ID:  Marinhd

      hoba
      last edited by Apr 29, 2008, 8:49 PM

      Click the pass/block/reject icon in front of the log entry at status>systemlogs, firewall. It will tell you exactly what rule triggered that action. Another option is to download or look at /tmp/rules.debug (diagnostics>edit file or diagnostics>command, download).

        kapara
        last edited by Apr 30, 2008, 5:51 AM

        Thanks Hoba,

        Easy to see in the gui but if I am looking at the syslog and I try to find Rule 53 in the rules.debug, there is no way to easily pinpoint which rule is allowing this to pass through.

        Thanks,

        Mark

        Skype ID:  Marinhd
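
An added example, not part of the thread: one way to tie the `rule N/...` field of a pf syslog line back to the rule itself, assuming a numbered rule listing in the `@N <rule>` layout that `pfctl -vvsr` prints has been saved from the firewall. The log lines and rule listing below are constructed samples (a documentation address stands in for the redacted source IP), and the function names are hypothetical.

```python
import re

# Constructed sample: pf syslog lines in the format quoted in the thread
# (the redacted source is replaced by a documentation address).
SAMPLE_LOG = """\
Apr 28 22:04:42 pf: 20. 480571 rule 53/0(match): pass in on em0: (tos 0x0, ttl  47, id 50838, offset 0, flags [DF], proto: TCP (6), length: 64) 203.0.113.7.51474 > 10.10.0.14.21: S 2638049757:2638049757(0) win 65228 <mss 1460,nop,wscale 0,[|tcp]>
Apr 28 22:05:10 pf: 27. 112004 rule 12/0(match): block in on em0: (tos 0x0, ttl  52, id 1021, offset 0, flags [DF], proto: TCP (6), length: 60) 203.0.113.9.40112 > 10.10.0.14.23: S 1:1(0) win 5840 <mss 1460>
not a pf line
"""

# Constructed sample of a numbered rule listing ("@N rule text"), the layout
# printed by `pfctl -vvsr`; the counter lines between rules are ignored.
SAMPLE_RULES = """\
@12 block drop in log all label "Default deny rule"
  [ Evaluations: 9  Packets: 1  Bytes: 60  States: 0 ]
@53 pass in log quick on em0 inet proto tcp from any to 10.10.0.14 port = ftp flags S/SA keep state label "USER_RULE: FTP"
"""

LOG_RE = re.compile(
    r"rule (?P<rule>\d+)/(?P<sub>\d+)\((?P<reason>[^)]*)\): "
    r"(?P<action>pass|block) (?P<dir>in|out) on (?P<iface>\S+?): "
    r".*?\) (?P<src>\S+) > (?P<dst>[^:\s]+):"
)
RULE_RE = re.compile(r"^@(\d+) (.+)$")

def parse_log(text):
    """Yield one dict per pf log line; lines that do not match are skipped."""
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if m:
            d = m.groupdict()
            d["rule"] = int(d["rule"])
            yield d

def load_rules(text):
    """Map rule number -> rule text from an '@N ...' listing."""
    return {int(m.group(1)): m.group(2)
            for m in map(RULE_RE.match, text.splitlines()) if m}

def annotate(log_text, rules_text):
    """Return (event, rule text or None) pairs for every parsed log line."""
    rules = load_rules(rules_text)
    return [(e, rules.get(e["rule"])) for e in parse_log(log_text)]

if __name__ == "__main__":
    for e, rule in annotate(SAMPLE_LOG, SAMPLE_RULES):
        print(e["action"], e["src"], "->", e["dst"], "| rule", e["rule"], "|", rule)
```

Rule numbers are positions in the currently loaded ruleset, so the listing has to be captured from the same ruleset that produced the log lines; a number with no match in the listing comes back as `None`.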
