I''m using shorewall 1.4.8 on a Mandrake 9.2 machine (not the Mandrake version though). Everything works just fine, a little bit to good infact. My log get flooded with entries about dropped packets to the 2450 port (netadmin) from machines on the net. I have tried to find information on how to stop logging these, but no luck. Is there any way I can configure it to log everything as normal, but not packets to port 2450/udp from the net? /Thomas
On Wed, 21 Jan 2004, Thomas Svenson wrote:> I''m using shorewall 1.4.8 on a Mandrake 9.2 machine (not the Mandrake > version though). > > Everything works just fine, a little bit to good infact. My log get flooded > with entries about dropped packets to the 2450 port (netadmin) from machines > on the net. > > I have tried to find information on how to stop logging these, but no luck. >Apparently it didn''t occur to you to look in the FAQ (*Frequently* Asked Questions): Try looking at FAQ 2b (http://www.shorewall.net/FAQ.htm and search for "FAQ 2b"). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Hi Tom, Thanks for a quick answer. shorewall-users-bounces@lists.shorewall.net wrote:>> I have tried to find information on how to stop logging these, but >> no luck. > Apparently it didn''t occur to you to look in the FAQ (*Frequently* > Asked Questions):I sure did look in it. I did as it suggested. Although, it took me some time to realise I hade to change the destination from fw to all. Otherwise they where logged anyways. /Thomas
On Wed, 21 Jan 2004, Thomas Svenson wrote:> Hi Tom, > > Thanks for a quick answer. > > shorewall-users-bounces@lists.shorewall.net wrote: > >> I have tried to find information on how to stop logging these, but > >> no luck. > > Apparently it didn''t occur to you to look in the FAQ (*Frequently* > > Asked Questions): > > I sure did look in it. I did as it suggested. > > Although, it took me some time to realise I hade to change the destination > from fw to all. Otherwise they where logged anyways. >If you had looked at the chain from which the messages were being logged and then at FAQ 17, you might have been able to create a more focused rule. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net