[Firehol-support] Disabling logging of certain packets and client restrictions
Rick Marshall
rjm at zenucom.com
Fri Apr 22 23:58:16 BST 2005
that would be good because we get a lot of ms chatter from pc's on the c
lass public network that our adsl connects to.
rick
Marcus Williams wrote:
>Hi -
>
>I've had firehol running on a server for some time and its working great
>but there are two things I'd like to do:
>
>1) restrict outgoing connections (but still be able to send mail/dns etc)
>2) disable logging of the ms backscatter I get on the subnet my machine
>is one (so ignore packets to 135/445 etc rather than logging the blocked
>packet)
>
>I know how to do (1) in that presumably instead of having "client all"
>I'll just have a set of client lines that allow the machine to do smtp
>(its an mx for a number of domains and needs to be able to send mail)
>and dns (needs dns to send mail). So all I should be doing is replacing
>the client line for "client smtp dns". I also want to be able to update
>my machine (it runs debian) so I need to add client lines that allow
>web/ftp to the uk mirror but the uk mirror for debian is a round robin
>to a number of IP's so how do I do that without adding each IP?
>
>For (2), I already block this traffic in that I dont accept it
>explicitly but what I'd really like to do is not log any of this traffic
>(specifically the MS/samba ports) because it blows my logs up to stupid
>sizes. How do I do that? Can I add an explicit drop for say samba with a
>nolog option (does that exist?)
>
>Thanks
>
>Marcus
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rjm.vcf
Type: text/x-vcard
Size: 146 bytes
Desc: not available
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20050423/ea14be96/attachment-0003.vcf>
More information about the Firehol-support
mailing list