Gordon Rowell wrote: > Some people have reported system degradation which we have traced to > an overactive syslog daemon. The activity is caused by logging a lot > of SMB/Windows networking information on the external interface. > > I have updated e-smith-packetfilter to: > Ignore SMB traffic > Ignore RIP (routing) traffic <snip> > ftp://ftp.e-smith.org/pub/e-smith/contrib/GordonRowell/RPMS/noarch/\ > e-smith-packetfilter-1.2.0-05.noarch.rpm <snip> Hi Gordon, just a note as some of us implemented this fix that Charlie provided previously to address this issue: Create: /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/80EndChainDenyLog containing the following line: /sbin/ipchains --append denylog --jump DENY and then do: /etc/e-smith/events/actions/conf-masq /etc/e-smith/events/actions/restart-masq To implement and test your rpm I performed the following: 1) removed the above templates-custom entries 2) reset the masq: /etc/e-smith/events/actions/conf-masq /etc/e-smith/events/actions/restart-masq 3) viewed /var/log/messages to see denylog entries were being logged 4) installed your rpm rpm -Uvh e-smith-packetfilter-1.2.0-05.noarch.rpm 2) reset the masq: /etc/e-smith/events/actions/conf-masq /etc/e-smith/events/actions/restart-masq 3) viewed /var/log/messages to see denylog entries had stopped Looks good to me :-) Regards, Darrell
