On 2007/03/20 09:24, Lawrence Horvath wrote: > is there a way to tag the packets going to pflog, i can see the > packets being blocked with tcpdump on /var/log/pflog, but i would like > to know what rule is blocking them
if you use '-e' to tcpdump, it dumps the link-layer headers - on a pflog(4) interface this includes the rule number.