search

apernet / OpenGFW

OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux
https://gfw.dev/
Mozilla Public License 2.0
9.31k stars 703 forks source link

add matched rule name in log and debug outputs? #111

Open nw3000 opened 4 months ago

nw3000 commented 4 months ago

it is hard to find out which specific rule actually trigged in logs when debugging why one stream been blocked or allowed:

2024-03-24T05:19:32Z    INFO    UDP stream action       {"id": 1771768123415990016, "src": "192.168.1.2:36877", "dst": "84.1.1.1:9993", "action": "allow", "noMatch": true}
2024-03-24T05:19:45Z    INFO    TCP stream action       {"id": 1771768812341536768, "src": "192.168.1.2:37245", "dst": "12.1.1.1:443", "action": "block", "noMatch": false}

is that possible you can enriching the log or debug output to add more info? something like 

2024-03-24T05:19:32Z    INFO    UDP stream action       {"id": 1771768123415990016, "src": "192.168.1.2:36877", "dst": "84.1.1.1:9993", "action": "allow", "noMatch": true,  "reason": implicit default allow}

2024-03-24T05:19:45Z    INFO    TCP stream action       {"id": 1771768812341536768, "src": "192.168.1.2:37245", "dst": "12.1.1.1:443", "action": "block", "noMatch": false, "reason": - name: block  some site https - rules.yaml line 103 }

thank you.

tobyxdd commented 4 months ago

Good suggestion. For now you can also add log: true to each entry, which essentially does the same thing