From: Patrick Benson (benson@chello.se)
Date: Sun May 13 2001 - 12:11:44 PDT
PSR wrote:
>
> I have a large number of log entries of the form:
> May 13 18:55:23 pc68-car9 kernel: Packet log: input DENY eth0 PROTO=17
> 62.252.54.68:631 255.255.255.255:631 L=145 S=0x00 I=17192 F=0x0000 T=64 (#34)
>
> These seem to be harmless and relate, I think to the CUPS server. What rule
> would I need to add, and at what point in the file, to pmfirewall.rules.local
> in order to turn this logging off, but not turn off any other logging? There
> is no specific rule that produces this output (i.e. I can't just remove a
> '-l' from a particular rule), I think I get it because of the default logging
> arrangements.
>
> - Richard.
You're right, there is no specific rule for that line except for the
last rule in the input policy list, which denies all that don't match
the preceeding rules. If you run the command ipchains -vnL you will see
that the last rule in your input policy list is probably #34 which is
logging this. So to circumvent this you would insert a new rule:
$IPCHAINS -I input -p udp -s 62.252.54.68 -d 255.255.255.255 -j DENY
which the packets will pass through before the last rule, #34, thereby
avoiding being logged. I haven't used CUPS, myself, so I don't want to
add anymore to that source address of yours, avoiding the possibility of
blocking specific traffic that you would like to pass through.
-- Patrick Benson Stockholm, Sweden **************************************************************************** * To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall" * in the message body to majordomo@pointman.org. Please direct other * questions, comments, or problems to pmfirewall-owner@pointman.org. * * Need answers fast? Check the list archive located at: * http://www.pointman.org/PMFirewall/list-archive/ *
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:41:35 PDT