How to turn off logging of a specific firewall match?
strangetpwn (Jr. Member, Posts: 4) « on: Thursday 09 September 2010, 03:17:29 pm »
My firewall logs are full of entries like:
INPUTFW:DROP UDP (br0) 192.168.1.2:17500 -> 255.255.255.255:17500
These are related to the LAN Sync feature of Dropbox.
Everything works as it is so I don't need to change this rule, I just don't need it to be logged since it creates about 8 entries each minute for each machine running DB, making my firewall logs hard to read.
Is there something I can add to iptables to turn off logging of this specific case? Something like:
iptables -A -d 255.255.255.255 -p udp --dport 17500 -j DROP - [do not log this]
I've tried creating rules to ALLOW using EFW's web interface, but these don't work.
Thanks
mrkroket (Hero Member, Posts: 495) « Reply #1 on: Friday 10 September 2010, 01:49:08 am »
These logs are being created by the Incoming Firewall (INPUTFW).
Try to create a drop rule in Firewall->Incoming routed traffic
strangetpwn (Jr. Member, Posts: 4) « Reply #2 on: Friday 10 September 2010, 03:30:12 am »
Thanks, I tried this suggestion, the rule looks like:
Source        Destination       Service     Policy
192.168.1.2   255.255.255.255   UDP/17500   DENY
but it hasn't an effect on my Live logs, any other ideas?
mrkroket (Hero Member, Posts: 495) « Reply #3 on: Friday 10 September 2010, 08:29:14 am »
The Linux nerd's way.
Endian uses a series of scripts to create iptables. From some templates (.tmpl files) it creates the iptables files.
Go to /etc/firewall/inputfw. You'll find three kinds of files: .conf, .conf.old and .conf.tmpl, and two files: rules.tmpl and iptablesinputfw.
The .conf.tmpl are the templates.
So the way EFW works when you apply a change on firewall GUI is:
1-Moving actual config files (.conf) to old config (.conf.old).
2-From template files (.conf.tmpl) the system recreates the new config files.
3-Old & New config are compared. If there are differences the file iptablesinputfw is recreated (via the rules.tmpl file) and reloaded onto iptables.
So the way to act is editing the rules.tmpl file and adding your custom rule to see if that blocks the log.
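An added example, not from the thread or from Endian: iptables logs through a separate LOG rule, so a match stops being logged once a plain DROP rule for it sits earlier in the chain. The script tallies log lines in the format quoted in the first post and prints, without running, such a rule for each noisy flow; the chain name INPUTFW is assumed from the log prefix, and `MIN_HITS`, `silent_drop_rules` and `sample_log` are names made up here.

```shell
#!/bin/sh
# Added example, not Endian's code: print (never run) a silent DROP rule for
# each flow that floods the firewall log.
MIN_HITS=${MIN_HITS:-3}   # assumed noise threshold: lines per log sample

silent_drop_rules() {     # stdin: log lines; stdout: rules, noisiest first
    awk -v min="$MIN_HITS" '
    {
        # Locate the "<CHAIN>:DROP" prefix, as in
        # INPUTFW:DROP UDP (br0) 192.168.1.2:17500 -> 255.255.255.255:17500
        for (i = 1; i <= NF; i++) if ($i ~ /^[A-Z]+:DROP$/) break
        if (i > NF || $(i + 4) != "->") next
        chain = substr($i, 1, index($i, ":") - 1)  # assumed = chain name
        proto = tolower($(i + 1))
        iface = $(i + 2); gsub(/[()]/, "", iface)
        n = split($(i + 5), dst, ":")
        # Emit only values that are safe to paste into a command line.
        if (proto != "udp" && proto != "tcp") next
        if (n != 2 || dst[1] !~ /^[0-9.]+$/ || dst[2] !~ /^[0-9]+$/) next
        if (iface !~ /^[A-Za-z0-9_.-]+$/) next
        hits[chain " 1 -i " iface " -p " proto " -d " dst[1] " --dport " dst[2]]++
    }
    END {
        # Position 1 puts the DROP ahead of whatever rule does the logging.
        for (k in hits) if (hits[k] >= min)
            printf "%d\tiptables -I %s -j DROP\n", hits[k], k
    }' | sort -k1,1nr -k2 | cut -f2-
}

sample_log() {            # constructed lines in the format quoted in the thread
    cat <<'EOF'
INPUTFW:DROP UDP (br0) 192.168.1.2:17500 -> 255.255.255.255:17500
INPUTFW:DROP UDP (br0) 192.168.1.3:17500 -> 255.255.255.255:17500
INPUTFW:DROP UDP (br0) 192.168.1.2:17500 -> 255.255.255.255:17500
INPUTFW:DROP UDP (br0) 192.168.1.5:137 -> 192.168.1.255:137
INPUTFW:DROP UDP (br0) 192.168.1.2:17500 -> 255.255.255.255:17500
INPUTFW:DROP UDP (br0) 192.168.1.5:137 -> 192.168.1.255:137
INPUTFW:DROP TCP (br0) 192.168.1.9:40112 -> 192.168.1.1:22
EOF
}

sample_log | silent_drop_rules
```

On EFW the printed rule would still have to be carried into rules.tmpl, as Reply #3 describes, to survive a reload from the GUI; the thread does not show that file's syntax.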