Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Preset logging level (actual logging options / full log) for fast debug

Imagine that you have 100 packetfilter rules not logged, 50 nat rules not logged, some im/p2p rules set as "Do not control". If you have troubles, perhaps it would be very usefull to easly and fastly switch from actual logging level to full logging level, without manually set (and then restore) every log option for each rule.

This "Full log" option, should also:

- log autopacket rules, that in this moment are not logged
- overrides those exceptions (ie. in web security) that prevents some hosts to be logged.

10 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    flaserraflaserra shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Thorsten LiebThorsten Lieb commented  ·   ·  Flag as inappropriate

        And it would be great to see in this "Detail/Debug Mode" the complete init of a connection (SYN, SYN+ACK, ACK). Right now the Live-Log doesn't tell you anything about whats really going on under the "hood" - you are blind to security problems. With tcpdump you can get the missing infos, but this is not recommended for the "normal" firewall admin.

      Feedback and Knowledge Base