[Firehol-support] blocking (without logging) broadcasts
Jeroen Versteeg
j.versteeg at student.utwente.nl
Mon Mar 21 20:02:48 GMT 2005
Hello,
I just set up FireHOL for my little server. It works great but I have one
problem:
iptables logs rejected broadcasts, one per second, which really messes
up /var/log/messages.
I'm trying to find the best way to ignore (drop, don't log) broadcasts
but I have a few problems:
1.) What is the most elegant way to capture broadcasts?
Using an interface with a destination wildcard like *.*.*.255 should do
fine, something like:
    interface eth0 netbroadcasts dst "*.*.*.255"
I can't find any syntax for using wildcards.
2.) How to stop logging everything for that broadcast?
    server all log 1
seems a bit hacky and it doesn't even work since "all is a complex server".
What are your thoughts?
Thanks in advance,
Jeroen Versteeg
PS: Just a suggestion:
I'm not that good with IP addressing and haven't even touched iptables
and I found the documentation on logging (FIREHOL_LOG_ parameters and
log rule) too difficult to understand. Maybe providing a few examples
could make things more clear?