On Wed, Jun 15, 2005 at 12:23:51PM +0300, Nikolay Kalev wrote:
> Hello,
>
> I have a few questions about pf.
> When I do "tcpdump -netttv -i pflog0" with it I get the rule number
> which blocked the current packet. Is this the actual number in the
> "/etc/pf.conf" file or the actual number in "pfctl -s rules"? Are rules like
> scrub or set limit, for example, counted? Are these rule numbers after the
> rules are optimized? Is there a way to see the rule number and actual
> rule with the "pfctl" command :-)))?

You can get the rule number from the output of `pfctl -vvs rules`. However, at least on my systems, I usually get two rules with a rule number 0. A bug or a feature, I'm not sure.

-jon
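
Added example, not part of the original thread: a shell sketch that looks up the rule number from a pflog line in saved `pfctl -vvs rules` output and lists every rule carrying that number, since the reply notes a number can appear twice. The sample data is constructed, the `@N rule` and `rule N/0(match):` line formats are assumptions about the output, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample standing in for `pfctl -vvs rules` output
# (assumed format: "@N <rule text>", followed by a counters line).
sample_rules() {
cat <<'EOF'
@0 scrub in all fragment reassemble
  [ Evaluations: 120       Packets: 80        Bytes: 0           States: 0     ]
@0 block drop in log all
  [ Evaluations: 120       Packets: 14        Bytes: 840         States: 0     ]
@1 pass in on fxp0 inet proto tcp from any to any port = ssh keep state
  [ Evaluations: 120       Packets: 66        Bytes: 9120        States: 3     ]
EOF
}

# Constructed sample standing in for `tcpdump -netttv -i pflog0` output
# (assumed format: "... rule N/0(match): action ...").
sample_log() {
cat <<'EOF'
Jun 15 12:20:01.000001 rule 0/0(match): block in on fxp0: 192.0.2.10.4321 > 192.0.2.1.23: S
Jun 15 12:20:02.000002 rule 1/0(match): pass in on fxp0: 192.0.2.11.5555 > 192.0.2.1.22: S
EOF
}

# rules_for_number RULES_FILE N: print every rule whose "@N" prefix equals N.
# More than one line may come back when a number is listed twice.
rules_for_number() {
    awk -v n="$2" '$1 == ("@" n) { sub(/^@[0-9]+ /, ""); print }' "$1"
}

# annotate_log RULES_FILE LOG_FILE: echo each log line, then its candidate rules.
annotate_log() {
    while IFS= read -r line; do
        num=$(printf '%s\n' "$line" | sed -n 's/.* rule \([0-9][0-9]*\)[./].*/\1/p')
        printf '%s\n' "$line"
        if [ -n "$num" ]; then
            rules_for_number "$1" "$num" | sed 's/^/    candidate: /'
        fi
    done < "$2"
}

# Demo on the constructed samples.
demo_dir=$(mktemp -d)
sample_rules > "$demo_dir/rules"
sample_log > "$demo_dir/log"
annotate_log "$demo_dir/rules" "$demo_dir/log"
rm -rf "$demo_dir"
```

On a live system the two sample functions would be replaced by files captured from `pfctl -vvs rules` and `tcpdump -netttv -i pflog0`.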
