> -----Original Message-----
> From: Geordon VanTassle
> Sent: Sunday, December 01, 2002 9:28 AM
> Subject: [Shorewall-users] how do I stop loging these?
>
>
> Hello ,
>
> I''m new to Shorewall and iptables. I have a small, mixed
network
> (linux and WIndows).
>
> My firewall log is choking under the weight of the entries like
> below. Can someone suggest how I can stop the logging of these
> packets? The source computer (192.168.1.20) is a HP Pavilion PC
> running Windows ME, OEM. I can''t figure out WTF the box is
spewing
> out these packets, and the destination address (207.26.131.137)
> doesn''t seem to exist... I''m guessing that it belonged
to something
> that the PC had installed OEM, but the address is defunct.
>
>
> HELP! Please!
>
> Dec 1 08:01:29 all2all:REJECT:IN= OUT=eth0 SRC=192.168.1.3
> DST=192.168.1.20 LEN=56 TOS=0x00 PREC=0xC0 TTL=64 ID=62289 PROTO=ICMP
> TYPE=11 CODE=0 [SRC=192.168.1.20 DST=207.26.131.137 LEN=28 TOS=0x00
> PREC=0x00 TTL=1 ID=34855 PROTO=ICMP TYPE=8 CODE=0 ID=1024 SEQ=57521 ]
>
Although I would serioulsy consider trying to locate the source of this
problem, you can temporarily disable the logging of these packets by
removing the log level (info) from the all2all policy statment in
/etc/shorewall/policy file. i.e.
all all REJECT info
to
all all REJECT
Once you locate/disable the source from generating these packets, you can
always re-enable logging at this level.
Steve Cowles