[OLUG] Firewall Help

Jason Ferguson jferguson3 at home.com
Sun May 14 20:01:49 UTC 2000


I knew what -l did.  The reason I asked is that I wanted "important" things
to be logged in order to minimize what got logged.

I went ahead and turned off logging for all but the last "catchall" rules.

Jason

Drazak wrote:

> Did you bother to read the man pages?
>
>          -l, --log Turn on kernel logging of matching packets.  When this
> option is set for a rule, the Linux kernel will print some information of
> all matching packets (like most IP header fields) via printk().
>
> I'd start by removing the -l line from your ruleset.
>
> _Drew
>
> On Sun, 14 May 2000, Good. Root. What is difference? wrote:
>
> > Okay, I finally got a decent firewall running, ip masqing and some
> > protective measures.  However, now my /var/log/messages is growing by
> > the second... every few minutes or so, I get this line:
> >
> > May 14 13:31:00 cx114367-a kernel: Packet log: input REJECT eth1
> > PROTO=17 169.254.205.249:137 24.3.232.34:53 L=71 S=0x00 I=37387 F=0x0000
> > T=128 (#5)
> >
> > Obviously, I'd like to minimize the stuff in my log.
> >
> > I've attached my rc.firewall, which I pretty much ripped from the
> > Stronger IP rulesets section of the masquerading HOWTO. Any help would
> > be appreciated.
> >
> > Jason
>
> -------------------------------------------------------------------------
> Sent by OLUG Mailing list Manager, run by ezmlm.  http://olug.bstc.net/
> To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net`
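
To see which rules account for the log volume before deciding where to drop `-l`, the "Packet log:" records can be parsed and counted per rule. The following is an added example, not part of the original thread; the field names are labels chosen here, and every sample line except the first (the record quoted above, unwrapped) is constructed.

```python
import re
from collections import Counter

# Layout of an ipchains "-l" record: chain, target, interface, IP protocol
# number, source, destination, L=length, S=TOS, I=IP ID, F=fragment field,
# T=TTL, an optional "SYN" marker, then the matching rule number as (#n).
PACKET_LOG = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))? "
    r"(?P<dst>[\d.]+)(?::(?P<dport>\d+))? "
    r"L=(?P<length>\d+) S=(?P<tos>0x[0-9A-Fa-f]+) I=(?P<ip_id>\d+) "
    r"F=(?P<frag>0x[0-9A-Fa-f]+) T=(?P<ttl>\d+)"
    r"(?:.*?\(#(?P<rule>\d+)\))?"
)

def parse(line):
    """Return the fields of one ipchains log record as a dict, or None."""
    m = PACKET_LOG.search(" ".join(line.split()))  # tolerate wrapped records
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("proto", "sport", "dport", "length", "ip_id", "ttl", "rule"):
        if rec[key] is not None:
            rec[key] = int(rec[key])
    return rec

def noisiest(lines):
    """Count records per (chain, target, rule, proto, dport), busiest first."""
    counts = Counter()
    for line in lines:
        rec = parse(line)
        if rec:
            key = (rec["chain"], rec["target"], rec["rule"], rec["proto"], rec["dport"])
            counts[key] += 1
    return counts.most_common()

# First record is the one quoted in the thread; the rest are constructed.
SAMPLE = [
    "May 14 13:31:00 cx114367-a kernel: Packet log: input REJECT eth1 PROTO=17 169.254.205.249:137 24.3.232.34:53 L=71 S=0x00 I=37387 F=0x0000 T=128 (#5)",
    "May 14 13:33:10 cx114367-a kernel: Packet log: input REJECT eth1 PROTO=17 169.254.205.249:137 24.3.232.34:53 L=71 S=0x00 I=37401 F=0x0000 T=128 (#5)",
    "May 14 13:34:02 cx114367-a kernel: Packet log: input DENY eth1 PROTO=6 192.0.2.7:4021 24.3.232.34:23 L=44 S=0x00 I=512 F=0x0000 T=52 SYN (#9)",
    "May 14 13:34:05 cx114367-a kernel: eth1: link status ok",
]

if __name__ == "__main__":
    for key, n in noisiest(SAMPLE):
        print(n, key)
```
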



