mike tancsa wrote on 2020/01/22 14:39:
On 1/22/2020 5:13 AM, Miroslav Lachman wrote:
mike tancsa wrote on 2020/01/20 15:37:
Also, is there a better way to monitor pf rule changes ? I dont see
any mention in FreeBSD audit ?
Monitoring of PF rules is kind of hard and not just because of
automa
On 1/22/2020 5:13 AM, Miroslav Lachman wrote:
> mike tancsa wrote on 2020/01/20 15:37:
>> Also, is there a better way to monitor pf rule changes ? I dont see
>> any mention in FreeBSD audit ?
>
> Monitoring of PF rules is kind of hard and not just because of
> automatic tables. (automatic tables a
mike tancsa wrote on 2020/01/20 15:37:
I have a process that runs every few min looking to see if the pf rules
changed on some of our firewalls. On one customer unit, we have a
"self" statement and the script detected a change this morning. The
rule reads
block log quick from to self
block lo
