OpenGFW icon indicating copy to clipboard operation
OpenGFW copied to clipboard
verified publisher icon apernet

add matched rule name in log and debug outputs?

Open nw3000 opened this issue 1 year ago • 1 comments

it is hard to find out which specific rule actually trigged in logs when debugging why one stream been blocked or allowed:

2024-03-24T05:19:32Z    INFO    UDP stream action       {"id": 1771768123415990016, "src": "192.168.1.2:36877", "dst": "84.1.1.1:9993", "action": "allow", "noMatch": true}
2024-03-24T05:19:45Z    INFO    TCP stream action       {"id": 1771768812341536768, "src": "192.168.1.2:37245", "dst": "12.1.1.1:443", "action": "block", "noMatch": false}

is that possible you can enriching the log or debug output to add more info? something like

2024-03-24T05:19:32Z    INFO    UDP stream action       {"id": 1771768123415990016, "src": "192.168.1.2:36877", "dst": "84.1.1.1:9993", "action": "allow", "noMatch": true,  "reason": implicit default allow}

2024-03-24T05:19:45Z    INFO    TCP stream action       {"id": 1771768812341536768, "src": "192.168.1.2:37245", "dst": "12.1.1.1:443", "action": "block", "noMatch": false, "reason": - name: block  some site https - rules.yaml line 103 }

thank you.

nw3000 avatar Mar 24 '24 05:03 nw3000

Good suggestion. For now you can also add log: true to each entry, which essentially does the same thing

tobyxdd avatar Mar 24 '24 17:03 tobyxdd