[Shorewall-users] Log file..

Ted Gervais ve1drg at av.eastlink.ca
Sat Dec 13 16:43:19 PST 2003

On Sat, 13 Dec 2003, Tom Eastep wrote:

> On Saturday 13 December 2003 09:51 am, Ted Gervais wrote:
> > I wonder if there is a way to turn off ALL logging of the shorewall
> > operation.  I have adjusted the shorewall.conf file to show minimum
> > logging but still I am getting lots of data being recorded. For example,
> > here is a small quote with logging set at a minimum..
> <log messages snipped>
> >
> > Any thoughts?
> >
> Yes -- please read FAQ 17. In your case, you also need to adjust the
> /etc/shorewall/policy file.

OK Tom. Thanks for your note. I had read that FAQ17 before but I guess I
needed some more prompting to look at it again.

What I did was to adjust my policy file whereby I removed'info' as
you see it below. That seems to have given me more control over the
logging activities and hope I am on the right track. I had played with the
burst element as well but that caused me more problems than I needed. So,
with just the 'info' removed from the policy file things seem to be ok..

fw              net             ACCEPT
net             all             DROP            info
all             all             REJECT          info
peers           fw              ACCEPT
fw              peers           ACCEPT

Intuition, however illogical, is recognized as a command prerogative.
   -- Kirk, "Obsession", stardate 3620.7

Ted Gervais
Coldbrook Nova Scotia
Canada B4R1A7

More information about the Shorewall-users mailing list