On Sat, Nov 02, 2002 at 01:53:09AM -0500, Jason Dixon wrote:
> Does anyone else think that the ability to log the last matching rule
> number (as indexed in 'pfctl -s rules') would be a glorious feature?
> This is found in iptables and is a really nice debugging tool.
It's already there. Use the "-e" option to tcpdump to get
link-level headers when reading from the pflog0 interface. E.g.:
tcpdump -e -n -ttt -l -i pflog0
- deej
--
Daniel (DJ) Gregor
OSU Network Security Group
http://www.net.ohio-state.edu/security/
