[Firehol-support] Per rule/interface logging

Phil Whineray phil at firehol.org
Sat Nov 12 22:28:31 GMT 2016


Hi Paul

On Sun, Nov 13, 2016 at 12:11:17AM +0200, Paul Roland wrote:
> Greetings,
> Great work with Firehol, just moved away from ShoreWall...
> I was able to set up logging to NFLOG via ulogd... but
> Is there a way to set up logging per interface or rule? for example I
> don't want any drops on the eth0 to be logged since I already know
> there is only one rule there...
> I currently cannot find such an option.... Maybe I am going blind.
> And also is there a possibility to shorten the log lines, like I don't
> need any MAC info on that interface or log in general.

FireHOL by default logs anything it doesn't match. To stop any logs
for an interface, just add a catch-all rule at the end of the interface
to explicitly drop any traffic not already handled. No logs does make
debugging harder though, if something unexpected happens.

FireHOL only specifies the prefix that is used, via iptables, not how
the packet information is displayed in the logs. I think maybe ulogd
allows you to control what is formatted but I have never tried.

Hope that helps

Phil
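As an added illustration of Phil's suggestion (not from the original thread or from the FireHOL project), a firehol.conf fragment: eth0 allows a single service and ends with catch-all drops so nothing unmatched falls through to the interface policy that FireHOL logs, while eth1 keeps the default logging behaviour for comparison. The interface names, the ssh service and the NFLOG prefix value are assumptions.

```firehol
version 6

# Global logging setup (assumed values): emit the FireHOL log prefix via
# NFLOG so ulogd can collect it, as Paul already does.
FIREHOL_LOG_MODE="NFLOG"
FIREHOL_LOG_PREFIX="FIREHOL"

# eth0: the interface that should produce no log lines. Only one service
# is allowed; the final catch-all rules explicitly drop everything else,
# so no packet reaches the interface policy (which is what gets logged).
interface eth0 wan
    protection strong
    server ssh accept
    # Catch-all: silently drop whatever the rules above did not match.
    server all drop
    client all drop

# eth1: left with the default behaviour. Unmatched packets hit the drop
# policy and are logged, keeping the debugging trail Phil mentions.
interface eth1 lan
    policy drop
    client all accept
    server ssh accept
```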
