RE: [pmfirewall] How to log selectively?

From: James Nessen (nessenj@jimsoffice.org)
Date: Sun Jul 16 2000 - 08:50:52 PDT

• Next message: Mark Weaver: "[pmfirewall] I was just wondering..."
• Previous message: Stuart Luppescu: "RE: [pmfirewall] How to log selectively?"
• In reply to: Alexander Volovics: "[pmfirewall] How to log selectively?"
• Next in thread: Alexander Volovics: "RE: [pmfirewall] How to log selectively?"
• Reply: Alexander Volovics: "RE: [pmfirewall] How to log selectively?"

Try:

$IPCHAINS -a input -p udp -s $REMOTENET -d $REMOTENET 2301 -j REJECT

Put this at the bottom of your pmfirewall.rules.local file and restart it

Jim

--
James Nessen
E. nessenj@jimsoffice.org
P. 916.806.0971
F. 877.410.3802
W. http://www.jimsoffice.org
-----Original Message-----
From: owner-pmfirewall@pointman.org
[mailto:owner-pmfirewall@pointman.org]On Behalf Of Alexander Volovics
Sent: Sunday, July 16, 2000 6:50 AM
To: pmfirewall@pointman.org
Subject: [pmfirewall] How to log selectively?
Can anybody explain how I can log `DENY items' selectively?
(or rather how I can exlude -some- of the DENY items from
 being logged).
I am connected to the internet via the cable provider @home.
On my segment of the @home network the other user's machines
seem to be constantly broadcasting, for example:
Jul 16 15:26:29 for kernel: Packet log: input DENY eth1 PROTO=17
212.204.158.219:2301 255.255.255.255:2301 L=40 S=0x00 I=32512 F=0x0000 T=128
(#36)
Jul 16 15:26:52 for kernel: Packet log: input DENY eth1 PROTO=17
212.204.158.233:2301 255.255.255.255:2301 L=40 S=0x00 I=27693 F=0x0000 T=128
(#36)
As this happens every minute for each machine my /var/log/messages grows
exponentially.
I would like to exlude these entries from the log. But ONLY these entries
(i.e. "-p udp -s $OUTERNET -d 255.255.255.255 2301", so removing the `-l'
 parameter from "$IPCHAINS -A input -j DENY -l" is not an option!)
I see no short and elegant way of doing this with the standard pmfirewall.
Can somebody please help.
Alexander
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
*           Need answers fast? Check the list archive located at:
*             http://www.pointman.org/PMFirewall/list-archive/
*
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
*           Need answers fast? Check the list archive located at:
*             http://www.pointman.org/PMFirewall/list-archive/
*

• Next message: Mark Weaver: "[pmfirewall] I was just wondering..."
• Previous message: Stuart Luppescu: "RE: [pmfirewall] How to log selectively?"
• In reply to: Alexander Volovics: "[pmfirewall] How to log selectively?"
• Next in thread: Alexander Volovics: "RE: [pmfirewall] How to log selectively?"
• Reply: Alexander Volovics: "RE: [pmfirewall] How to log selectively?"

This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:35:24 PDT