Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 279 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Nice feature to add

System-Z
Would be nice to add a feature during logging which rule allowed it or denied it.. say a packet got denied and then it would show which rule it got denied at..  Checkpoint has this, would be a nice addition.


This thread was automatically locked due to age.
  • 0
    This would need Astaro to work with the iptables team, but i can't see why it can't be done.  It is in my opinion Astaro would benefit from this feature.  

    Also it would be a great PR stunt
  • 0 in reply to Mike_H
    There is not a week that goes by that I dont analyse Checkpoint log files vs. rulebase for several customers.

    The results are invariably extremelly interesting.

    This would be right at the top of my must have list.
  • 0
    Fully agree this would be very helpful. Also section titles in the rulebase would be cool or adding multiple objects (hosts,networks,services etc.) in the source,service and destination fields. 

    rgds
    Roland