[Shorewall-users] Log file..
ve1drg at av.eastlink.ca
Sat Dec 13 16:43:19 PST 2003
On Sat, 13 Dec 2003, Tom Eastep wrote:
> On Saturday 13 December 2003 09:51 am, Ted Gervais wrote:
> > I wonder if there is a way to turn off ALL logging of the shorewall
> > operation. I have adjusted the shorewall.conf file to show minimum
> > logging but still I am getting lots of data being recorded. For example,
> > here is a small quote with logging set at a minimum..
> <log messages snipped>
> > Any thoughts?
> Yes -- please read FAQ 17. In your case, you also need to adjust the
> /etc/shorewall/policy file.
OK Tom. Thanks for your note. I had read that FAQ17 before but I guess I
needed some more prompting to look at it again.
What I did was to adjust my policy file whereby I removed'info' as
you see it below. That seems to have given me more control over the
logging activities and hope I am on the right track. I had played with the
burst element as well but that caused me more problems than I needed. So,
with just the 'info' removed from the policy file things seem to be ok..
fw net ACCEPT
net all DROP info
all all REJECT info
peers fw ACCEPT
fw peers ACCEPT
Intuition, however illogical, is recognized as a command prerogative.
-- Kirk, "Obsession", stardate 3620.7
Coldbrook Nova Scotia
More information about the Shorewall-users