On 12.09.2004 16:34 +0200, Frederick Page wrote:
> I had set up a firewall rule to block ports 135-139 and 445 in order
> for them not to get logged by the default rule. I (erroneously) set
> source-ports 135-139 (instead of destination-ports) and found out
> that I could _not_ edit this rule to source-ports any and
> destination-ports 135-139. Had to delete the rule, create a new one
> and move it all the way to the top (I like my rules sorted).

Huh? I just tried that (new rule, src ports 135-139, dst any, save,
then edit, src ports any, dst 135-139, save), and it worked fine. Can
you try again and post a detailed list of what you did to trigger

> Would it be possible to include the comment of the rule in the log
> (something like the --log-prefix option on Linux iptables)? Yes I
> know, the rule-number is visible and on status.php I can look up
> which rule caused the log-entry, but something like a log-prefix
> might be more comfortable?

Well, the problem is that the filter log comes straight from
ipmon/ipfilter, so it'd have to be post-processed somehow to map
ipfilter rule numbers back to m0n0wall rule numbers. Maybe,
sometime... But thanks for the suggestion!