using quick phrase has the side effect, that Im not able to see, if
there are any packets that would be blocked which shouldn't, because of
not eval the hole ruleset ( about 500 rules ).
e.g. : multiple bi directional nat rules , doing not what I expect them
to do. Then I can fix the ruleset, without affecting the live
environment. But therefore I need to process the hole ruleset, to not
get unhandy suprises with some rules when going live.
Am 15.06.2017 um 21:18 schrieb Mike Tancsa:
On 6/15/2017 2:21 PM, Malte Graebner wrote:
Hello folks,
is there an option, to only log all stuff going on via "log" command and
without taking any action to traffic flow itself ?
Perhaps
pass quick log <make it specific or general as you want>
... quick matches and then no longer evals the rules.
---Mike
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
