PF how to configure pf to log only established traffic?

M

maslakyavuz

On PF (FreeBSD 11.2), I need to save all established logs for all protocols ( UDP, TCP.. ) instead of all activity.
How can I do that?

Thanks.
 
Last edited by a moderator:
Code: 
     log   In addition to the action specified, a log message is generated.
           Only the packet that establishes the state is logged, unless the no
           state option is specified.  The logged packets are sent to a
           pflog(4) interface, by default pflog0.  This interface is monitored
           by the pflogd(8) logging daemon, which dumps the logged packets to
           the file /var/log/pflog in pcap(3) binary format.
See pf.conf(4).
 
Well, How can i decrease these logs much more? Namely when a machine establishes to remote ip for any services ( web,ssh,ftp etc..), i want pflog not to log next processes regarding the same connection thus i want to decrease log amount. is it possible and healty ?
thanks
 
You must log in or register to reply here.
Back
Top