On Tuesday 11 Mar 2003 11:18 pm, H.J.Bathoorn wrote: > Hello all, > > Going through my firewall logs tends to get tedious i.e. the logfiles too > big because of the recurring nameserver scans by my IP on port 520. > > Not only that but this permanent logging causes constant disk activity and > thus noise!:o( > > Anybody got any simple pointers how to put a stop to this? > > I suppose I could just block all these probes I'm just not sure what effect > that'll have though. > Just not having these probes being logged would suffice methinks. Well at > least it'll save the trouble of clearing out the HD every month and reduce > the noise. >For any rule you do not want logged make sure that the rule does not state 'info'
> TIA, > HarM If you are using shorewall then you can edit /etc/shorewall/policy and remove 'info' from the logging policy. Then restart shorewall. Another thing you could do is run fwlogwatch to go through your logs for you and send you a weekly condensed email. You can find it on your CDs derek -- ---------------------------------- www.jennings.homelinux.net
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
