bastille icon indicating copy to clipboard operation
bastille copied to clipboard

Published 20 hours ago verified publisher icon BastilleBSD

[ENHANCEMENT] Support logging in dynamic rdr rules

Open nmurali94 opened this issue 3 years ago • 1 comments

Is your feature request related to a problem? Please describe. I usually log connections to my jails. But I can't do this when using bastille rdr which dynamically inserts the rdr rule using pfctl.

There doesn't seem to be any support for this. I wanted to check if there was any interest in supporting this before I created a PR

Describe the solution you'd like I'd like an extension to the current bastille rdr parameters with something like

Usage: bastille rdr TARGET [clear|list|(tcp|udp host_port jail_port [ log [ ( logopts ) ] ] ) ]

where the log keyword is optional and logopts is defined in the Grammar section of pf.conf

Describe alternatives you've considered The only alternative I see is to basically use static rdr rules in pf.conf which isn't ideal in many cases

Additional context

nmurali94 avatar Nov 30 '21 02:11 nmurali94

I like this idea but haven't had any time to implement on my own. If you can submit a PR I'll review.

cedwards avatar Jan 15 '22 03:01 cedwards

#502 was merged. marking this one as fixed by @nmurali94 .

closing.

bmac2 avatar Oct 20 '23 18:10 bmac2