I''m running Shorewall 3.2.2 with the latest stable IPTables and Debian''s ULOG. In previous versions of shorewall I had set up the default policy for drop and reject to ULOG traffic: net all DROP ULOG all all REJECT ULOG When there was heavy traffic hitting the logs, adding an entry to the rules file would allow the traffic to be silently dropped: DROP net fw udp 1026:1029 I noticed in the latest version, the recommended syntax to avoid logging was: DROP:none! net fw udp 1026:1029 Unfortunately, neither of these seem to silently drop anymore. As of version 3.2.2, no matter what I do, all these drops are still getting logged to ulog. Is this intended behavior now? How can I log all default drops while silently dropping certain ports? Thanks, Matt ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> -----Original Message----- > From: shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall- > users-bounces@lists.sourceforge.net] On Behalf Of Matt LaPlante > Sent: Saturday, August 19, 2006 6:57 PM > To: shorewall-users@lists.sourceforge.net > Subject: [Shorewall-users] Silent Dropping in 3.2.2 >Found my error...looks like all is well. Sorry for the wasted post. - Matt ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Matt LaPlante wrote:> ... > Found my error...looks like all is well. Sorry for the wasted post.It wouldn''t have been wasted if you''d documented the solution... ;-) Paul ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642