Preset logging level (actual logging options / full log) for fast debug
Imagine that you have 100 packetfilter rules not logged, 50 nat rules not logged, some im/p2p rules set as "Do not control". If you have troubles, perhaps it would be very usefull to easly and fastly switch from actual logging level to full logging level, without manually set (and then restore) every log option for each rule.
This "Full log" option, should also:
- log autopacket rules, that in this moment are not logged
- overrides those exceptions (ie. in web security) that prevents some hosts to be logged.
Thorsten Lieb commented
And it would be great to see in this "Detail/Debug Mode" the complete init of a connection (SYN, SYN+ACK, ACK). Right now the Live-Log doesn't tell you anything about whats really going on under the "hood" - you are blind to security problems. With tcpdump you can get the missing infos, but this is not recommended for the "normal" firewall admin.