Re: Mapping pf syslog rule numbers to lines in pf.conf
* James Shupe jsh...@hermetek.com [2015-01-26 21:47]: On 1/26/2015 2:42 PM, Alan McKay wrote: I have some firewall blocks I want to investigate and of course they are reported as matching a specific rule number - but I am not sure how to map that back to a line in my pf.conf pfctl -sr -R rulenum pfctl -vvsr is the usual way, shows all rules prefixed w/ the rule #, as well as some per-rule counters. Further details can be found in the man page. indeed :) -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: Mapping pf syslog rule numbers to lines in pf.conf
On Mon, Jan 26, 2015 at 03:42:22PM -0500, Alan McKay wrote: Hey folks, This one seems to be difficult to google - not coming up with much. I have some firewall blocks I want to investigate and of course they are reported as matching a specific rule number - but I am not sure how to map that back to a line in my pf.conf Could someone enlighten me? thanks, -Alan -- Don't eat anything you've ever seen advertised on TV - Michael Pollan, author of In Defense of Food Don't know if this is what you're after, but it will list the rules by number. pfctl -g -s rules | grep '@' /Hasse
Re: Mapping pf syslog rule numbers to lines in pf.conf
On Mon, Jan 26, 2015 at 3:47 PM, James Shupe jsh...@hermetek.com wrote: pfctl -sr -R rulenum Further details can be found in the man page. Oh man that was way too easy! Anyone in Ottawa is welcome to come by and give me 10 lashes ... ( hangs head in shame ) THanks. I was trying to search through the man page but the work rule occurs quite a few times ;-) -- Don't eat anything you've ever seen advertised on TV - Michael Pollan, author of In Defense of Food
Re: Mapping pf syslog rule numbers to lines in pf.conf
On 01/26/15 20:42, Alan McKay wrote: Hey folks, This one seems to be difficult to google - not coming up with much. I have some firewall blocks I want to investigate and of course they are reported as matching a specific rule number - but I am not sure how to map that back to a line in my pf.conf Could someone enlighten me? thanks, -Alan Also look at: -g Include output helpful for debugging. as in: pfctl -g -sr @1 are the rule numbers. hth Fred
Re: Mapping pf syslog rule numbers to lines in pf.conf
On 1/26/2015 2:42 PM, Alan McKay wrote: Hey folks, This one seems to be difficult to google - not coming up with much. I have some firewall blocks I want to investigate and of course they are reported as matching a specific rule number - but I am not sure how to map that back to a line in my pf.conf Could someone enlighten me? thanks, -Alan pfctl -sr -R rulenum Further details can be found in the man page. -- James Shupe
Mapping pf syslog rule numbers to lines in pf.conf
Hey folks, This one seems to be difficult to google - not coming up with much. I have some firewall blocks I want to investigate and of course they are reported as matching a specific rule number - but I am not sure how to map that back to a line in my pf.conf Could someone enlighten me? thanks, -Alan -- Don't eat anything you've ever seen advertised on TV - Michael Pollan, author of In Defense of Food
