Thanks Lonnie. Yes I will certainly sort all that out. I was just surprised that you could turn off logging on the other interfaces.
Regards Michael Knill On 18/11/2012, at 9:25 AM, Lonnie Abelbeck wrote: > Michael, > > Actually, no there is not an option to turn AIF:DMZ-INPUT logging off. > > The best is to 'fix' the problem. :-) > > You have an IP (172.16.17.2) doing a DNS lookup via 172.16.17.1, (see that > from the logs ?) > > Either add a rule to allow it (Pass DMZ->Local UDP 0/0 53) or reconfigure > 172.16.17.2 with respect to it's DNS. > > Personally, I often have this rule to allow DNS and DHCP on the DMZ: > -- > Pass DMZ->Local UDP 0/0 53,67-68,137 > -- > > Lonnie > > > On Nov 17, 2012, at 3:53 PM, Michael Knill wrote: > >> Is there any way to turn this off? My system log is full of these but I have >> unticked all logging. >> >> Nov 17 11:59:53 CAP1-90002-IPC-Biz user.info kernel: AIF:DMZ-INPUT denied: >> IN=eth2 OUT= MAC=00:30:18:ac:c5:de:38:60:77:29:61:f7:08:00 SRC=172.16.17.2 >> DST=172.16.17.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=37218 DF PROTO=UDP >> SPT=55465 DPT=53 LEN=47 >> Nov 17 11:59:58 CAP1-90002-IPC-Biz user.info kernel: AIF:DMZ-INPUT denied: >> IN=eth2 OUT= MAC=00:30:18:ac:c5:de:38:60:77:29:61:f7:08:00 SRC=172.16.17.2 >> DST=172.16.17.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=37219 DF PROTO=UDP >> SPT=55465 DPT=53 LEN=47 >> Nov 17 12:00:03 CAP1-90002-IPC-Biz user.info kernel: AIF:DMZ-INPUT denied: >> IN=eth2 OUT= MAC=00:30:18:ac:c5:de:38:60:77:29:61:f7:08:00 SRC=172.16.17.2 >> DST=172.16.17.1 LEN=87 TOS=0x00 PREC=0x00 TTL=64 ID=47229 DF PROTO=UDP >> SPT=32874 DPT=53 LEN=67 >> >> Regards >> Michael Knill > > > > ------------------------------------------------------------------------------ > Monitor your physical, virtual and cloud infrastructure from a single > web console. Get in-depth insight into apps, servers, databases, vmware, > SAP, cloud infrastructure, etc. Download 30-day Free Trial. > Pricing starts from $795 for 25 servers or applications! > http://p.sf.net/sfu/zoho_dev2dev_nov > _______________________________________________ > Astlinux-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]. ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
