Project

General

Profile

Actions

Feature #8090

closed

Log Action of traffic when using float rule match to log traffic

Added by Jonny Proud about 7 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
11/13/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

I have a rule in float rules, which is set as follows.

Action: Match
Interface: LAN,DMZ
Family Address: IPV4
Protocol: Any
Source Address: Any
Port: Any
Destination Address: Any
Port: Any

Log Traffic: True

When using this rule all traffic is logged but does say if its Pass,Block. SYSLOG reports as unkn(%u). If it would be made so it knew which it was that would be great.
This would save time when wanting to log traffic and you've got loads of rules which need it turning on.

If it could be done it would be most appreciated.

Jonny

Actions #1

Updated by Jim Pingle about 7 years ago

  • Status changed from New to Closed

It can't log "pass" or "block" because the log wasn't triggered by a pass or block rule. It doesn't have that kind of knowledge at that point, it only sees the rule that triggered the action (match). If anything, the log output could be changed to know about the "match" action, but it could never say pass or block as you want.

Actions

Also available in: Atom PDF