Hi, My logs get more or less hammered with FAQ21 type messages - http://shorewall.net/FAQ.htm#faq21
Is there a way to not log them specifically? Lately, I've been torrenting to get few Linux distro ISOs for testing and the FW logs got flooded with this kind of messages: Note: I've removed LEN, TOS, PREC, TTL and ID for readability. This when my torrent client is launched (but not download active) Shorewall:+fw-lan:ACCEPT:IN= OUT=eth1 SRC=aa.aa.aa.aa DST=192.168.0.1 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.0.1 DST=aa.aa.aa.aa PROTO=UDP SPT=25565 DPT=25565 ] aa.aa.aa.aa is my public address and 192.168.0.1 is my internal desktop. In my Torrent client, I picked 25565 as the main port. And these when the torrent client is closed Swall:+lan-net:ACCEPT:IN=eth1 OUT=eth0 SRC=192.168.0.1 DST=zz.zz.zz.zz PROTO=ICMP TYPE=3 CODE=3 [SRC=zz.zz.zz.zz DST=192.168.0.1 PROTO=UDP SPT=10760 DPT=25565 ] zz.zz.zz.zz is a random public internet IP. And I have dozens of messages like this. I want to not log them while preserving my usual log to spot other activities without being flooded by these useless messages. Any suggestion? -- ObNox
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
