[Firehol-support] Disabling logging of certain packets and client restrictions

Marcus Williams marcus at quintic.co.uk
Mon Apr 25 13:58:17 BST 2005


On 23/04/2005 13:10, Costa Tsaousis wrote:
> 1. You can restrict outgoing connections for all local users except
> certain ones. For example:
> 
> client http accept user root

Excellent - exactly what I needed. Thanks.

> 2. You can drop any service you like, and if you don't 'log' or 'loglimit'
> it, it will not be logged.

Ok, so if my default policy is drop and I have something like:

server http accept
server smtp accept
server imap accept

if I add

server samba drop

this should lessen the ms chattering. I'm still interested in stuff
coming from unexpected ports so I shouldnt need the any port bit you
suggested I think.

Thanks

Marcus

-- 
Marcus Williams -- http://www.cad-schroer.co.uk
CAD Schroer UK, 39 Newnham Road, Cambridge, UK





More information about the Firehol-support mailing list