firewall: logging for NAT rules, within the possibilities of what pf has to offer.... closes https://github.com/opnsense/core/issues/3033

2026-03-15 17:14:46 +00:00 · 2019-02-28 21:26:36 +01:00 · 2019-02-28 21:26:36 +01:00 · 2babeae771
commit 2babeae771
parent b214b89e20
1 changed files with 7 additions and 5 deletions
--- a/src/opnsense/scripts/filter/read_log.py
+++ b/src/opnsense/scripts/filter/read_log.py
@ -79,10 +79,8 @@ def fetch_rules_descriptions():
                if line.startswith('@'):
                    line_id = line.split()[0][1:]
                    if line.find(' label ') > -1:
-                        result[line_id] = {'label': ''.join(line.split(' label ')[-1:]).strip()[1:-1]}
-                    else:
-                        # XXX happens on rdr (ID is not unique) or when no label is found
-                        result[line_id] = {'label': 'XXX'}
+                        result[line_id] = ''.join(line.split(' label ')[-1:]).strip()[1:-1]
+
    return result


@ -130,7 +128,11 @@ if __name__ == '__main__':

            rule.update(metadata)
            if 'rulenr' in rule and rule['rulenr'] in running_conf_descr:
-                rule['label'] = running_conf_descr[rule['rulenr']]['label']
+                if rule['action'] in ['pass', 'block']:
+                    rule['label'] = running_conf_descr[rule['rulenr']]
+            elif rule['action'] not in ['pass', 'block']:
+                rule['label'] = "%s rule" % rule['action']
+
            result.append(rule)

            # handle exit criteria, row limit or last digest