Suggestion - use rule label not just number

Started by opnsense-user123, December 30, 2017, 05:40:05 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 30, 2017, 05:40:05 PM
Hello:

When perusing the firewall logs I like to know (in certain cases) what rule caused a pass or a block action, so I found the setting where I could choose to have that displayed as a second line (the other option was in a column). Now when I go to the firewall log, normal view, I see the pass or block line as usual and a new line just below that which says something like:

Code Select
@9

and that's it. A whole line dedicated to that rule number. But how do I know what that rule number refers to? I googled up a way, login to opnsense on the command line, switch to root, and enter the command:

Code Select
pfctl -vvsr

then scroll through and find the number, or grep for it I suppose. You might find a line like:

Code Select
@79 pass in quick on igb1 inet from (igb1:network:1) to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"

In my opinion, this is not the best way for a system which does provide a GUI like opnsense!

I suggest you use the large amount of space available on that line after the @(rule-number) to parse the LABEL and show it to the user there in GUI.

Is this an appropriate place to suggest / request this improvement, so should I also post elsewhere? Thanks.
December 30, 2017, 05:42:52 PM #1
feature requests are preferred on GitHub. In your case it is the core repository.
December 30, 2017, 07:47:19 PM #2
I think it was posted and answered here:

https://github.com/opnsense/core/issues/2034
Print
Go Up Pages1
User actions