|
||||||||
I noticed on the "Firewall: Rules" pages you can click on the "Green Arrow", "Red X" or "Orange X" to temporarily disable or enable a particular rule. This is a very handy little feature - Even if it is sort of hidden. :) I have two feature requests that are related which would help tremendously with debugging: 1. Instead of displaying the logging icon next to a rule ONLY when a rule has logging enabled, put up a solid, colored logging icon when a rule is set to log and a grey logging icon when a rule is not configured to be logged. Then, using the same logic as is used with the one-click toggle feature for enabling/disabling a rule, allow clicking on the logging icon to toggle between logging and not logging for that rule. 2. In addition, perhaps 2 more buttons or icon toggles at the bottom or top of the page: 1. Log ALL (user-defined) Rules 2. Log NO (user-defined) Rules These two would act ONLY on the rules on the interface currently being displayed. That is if you were on the LAN Interface Rules page, all rules affecting the LAN interface could be toggled with this icon, but rules on the WAN/DMZ/OPTxx would not be affected. 3. Log packets blocked by default rule (I know this last one is under "Diags-> Logs-> Settings, but having it handy on the Rules page(s) might be helpful - then again it might just be more confusing and cause more clutter to otherwise clean format - maybe we could skip this one) * I noticed that at the bottom of the page there is already a grey logging (disabled) icon, but that is currently only used when a rule with logging defined has been disabled. I may be a bit anal-retentive, but I log all of my m0n0walls to remote syslog servers, and sometimes when things are not behaving as expected, having a way to temporarily/quickly log a certain rule while tailing a syslog file would be very helpful. Sorry to be so long-winded, but I hope this makes some sense. Any thoughts, comments, ideas? -- Bill Arlofski Reverse Polarity |