Bug #3374
closed
Firewall logs show incorrect rules
Description
Over time, the firewall log goes crazy and picks a random rule to show.
The reason for this bug is unknown to me.
Updated by Jim Pingle over 11 years ago
- Status changed from New to Rejected
It isn't random, it's just using what it knew at the time.
The rules are matched using what is recorded in the actual pf log by pf when processing the traffic. If the rules were reloaded/changed in between log messages, then it doesn't have a way to know what rule processed that traffic at the time the rules were different, so it prints the description of the current rule using the number instead.
At the time the log message didn't line up, something else must have inserted a couple rules and then took them back out.
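The mismatch described in the comment above, as an added example that is not part of the original ticket or of pfSense's code: it labels the same log entries once from the current ruleset and once from the ruleset that was loaded when each entry was written. The reload history, rule descriptions and log entries are constructed, and keeping a reload history at all is an assumption made for illustration.

```python
from bisect import bisect_right

# Constructed sample data (not from the ticket): each reload is
# (epoch seconds, rule descriptions indexed by pf rule number).
RELOADS = [
    (1000, ["Block bogons", "Allow LAN to any", "Default deny"]),
    # Something inserted two rules at the top: every number shifts by two.
    (2000, ["Temp rule A", "Temp rule B", "Block bogons",
            "Allow LAN to any", "Default deny"]),
    (3000, ["Block bogons", "Allow LAN to any", "Default deny"]),
]

# Constructed log entries: (epoch seconds, rule number recorded by pf).
LOG = [(1500, 2), (2500, 4), (2600, 1), (3500, 2)]


def describe(ruleset, number):
    """Description for a rule number, or a marker if the number no longer exists."""
    return ruleset[number] if 0 <= number < len(ruleset) else "<no such rule>"


def resolve_current(log, reloads):
    """What the ticket describes: every entry is labelled from the current ruleset."""
    current = reloads[-1][1]
    return [describe(current, number) for _, number in log]


def resolve_at_time(log, reloads):
    """Label each entry from the ruleset that was loaded when it was logged."""
    times = [t for t, _ in reloads]
    out = []
    for ts, number in log:
        idx = bisect_right(times, ts) - 1
        out.append(describe(reloads[idx][1], number) if idx >= 0 else "<before first reload>")
    return out


def stale_entries(log, reloads):
    """Entries logged before the latest reload: their current label is unreliable."""
    last_reload = reloads[-1][0]
    return [(ts, number) for ts, number in log if ts < last_reload]


if __name__ == "__main__":
    for entry, now, then in zip(LOG, resolve_current(LOG, RELOADS), resolve_at_time(LOG, RELOADS)):
        print(entry, "current:", now, "| at log time:", then)
```

When reviewing firewall logs for an investigation, treat the rule description on any entry older than the last filter reload as a hint only and rely on the logged interface, addresses, ports and action instead.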
Updated by Dmitriy K over 11 years ago
I see. Pretty understandable reason.
Basically speaking, if my pfSense box goes berserk with "reload fw filter" every few hours, I'll never get a real "picture" of the rules used? Now I understand why I never saw the real situation with applied rules, heh.
Sad.