[Firehol-support] policy/server reject/accept/drop
Costa Tsaousis
costa at tsaousis.gr
Tue Oct 11 19:38:58 BST 2005
Redeeman wrote:
>hello.. (sorry to write all this much, but im getting problems as i
>go :))
>
>the thing is, i have policy reject/drop on my interface, and it was my
>understanding that it does the same as server all drop or server all
>reject.. however it doesent, beacuse with only policy drop and policy
>reject it still logs, and i really hate those logs, so i need to add
>server all drop, client all drop.. isnt there some way to disable
>logging alltogether, or make policy do it?
>
>
You cannot disable it, but you can limit it. Check the documentation for
FIREHOL_LOG_FREQUENCY and relative variables.
I also suggest to use ulogd for managing iptables logs. This way the
firewall logs will not interefere with the system logs.
Costa
More information about the Firehol-support
mailing list