Hi, > On 27. Dec 2019, at 6:45 PM, Kristof Provost <kris...@sigsegv.be> wrote: > > What are you trying to accomplish?
Some people believe that "last match" is a great metric to audit rules for intrusion detection and all sorts ruleset optimisation and refinement. In OPNsense the question has popped up a few times to support it, but without doing it in pf(4) directly it makes little sense as you'd have to crawl pflog output and even then you can't crawl non-log rules this way... Cheers, Franco _______________________________________________ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
