View Single Post
  #3   (View Single Post)  
Old 16th July 2008
audio audio is offline
Port Guard
Join Date: May 2008
Posts: 17

Originally Posted by J65nko View Post
Add some log modifiers to your pf ruleset. Then you can use tcpdump -eni pflog0 to verify which rule matched a packet.
I can do that, but for example if I do a tcpdump -eni pflog0 not reason match" then I don't get any results. There are a lot of other reasons in the PF manual such as bad-offset, fragment, short, normalize, memory, etc., and I'd like to be able to trigger those and see them in the logs, or in the pf info stats.
Reply With Quote