How to find out rule numbers?

Started by actionhenkt, November 17, 2019, 08:57:29 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 17, 2019, 08:57:29 AM
Hi,

Im trying to set up a logging server where im sending logs from opnsense to. The rule numbers are sent to the logging server but the rule decription is not, im trying to match the rule number I got from the log to the rule number in opnsense to set a description in grafana manually. Is there a way to lookup all rule numbers + description somewhere in opnsense ?
August 05, 2020, 12:24:06 PM #1
I know this is an old post now, but I have just run into the same problem. I would like to get a rule id to description/name mapping out of opnsense. Anyone know where to start?
August 06, 2020, 01:07:42 AM #2 Last Edit: August 06, 2020, 01:19:20 AM by thewer
For anyone googling this, the best I have come up with is to look at /tmp/rules.debug which contains rule ID's and then descriptions as a comment. Then some grep/sed/awk magic you can probably get what you want...

EDIT: forgot to say that "pfctl -vvsr" is also needed to get the rule number to label mapping :)

"pfctl -vvsr" - gives rule id (e.g. 179) to label (e.g. b6da060442c571d1957683eaace57cce)
"/tmp/rules.debug" - gives label (e.g. b6da060442c571d1957683eaace57cce) to description (e.g. "allow ssh in")
Print
Go Up Pages1
User actions