tested this myself with the same results...outbound block nolog works fine...remote access nolog works fine...outbound accept nolog doesn't seem to work
Is this a bug? If not, I believe GTA should DEFINITELY add this to the next release. On Tue, 4 Sep 2001 02:28:35 -0400, you wrote: >--------------------- Attention ----------------------------- >A digest version of this list is now available. >Send email to [EMAIL PROTECTED], with the following message: >subscribe gb-users-digest your_email_address >Then unsubscribe from this list. >------------------------------------------------------------- >GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >Send postings to: [EMAIL PROTECTED] >Access the list archives at: http://www.gnatbox.com/gb-users/ >------------------------------------------------------------- >Is it possible to create an outbound filter that would prevent a host on >the protected side of the network from being logged to the syslog when >it tried to contact certain hosts on the external (Internet) side of the >network? For example, if you have a machine on your internal 192.168.1.x >/24 subnet running something such as BigBrother or MRTG to monitor >several outside hosts, your syslogs tend to get large rather quickly. >I'd like to add a filter that would still allow the internal monitoring >host to contact the outside hosts on the Internet, but prevent it from >logging those connections to the syslog. I've tried adding specific >outbound filters set to accept with nolog and haven't had any luck. It >works fine (doesn't log) if you add a DENY filter outbound with nolog, >but not if you have an ACCEPT filter outbound with nolog. If someone can >either confirm that it is not possible for GNAT Box to do this, or else >tell me how to do it, I would appreciate it. > >///Jason > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message
