[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how to get firehol messages off my screen

On 31 May 2004, Jonas Meurer wrote:
> On 30/05/2004 Daniel Pittman wrote:
>>> Where do I change the settings so that they can be redirected to
>>> a log file?
>> Three methods:
>> [...]
>> 3. use commands like 'server all drop' at the end of an interface,
>> preventing firehol from logging that traffic.
>> I use 3, targeting things that I don't care about, on most of my
>> servers.
> I tried this on my server and suddenly wasn't able to reach any remote
> sites any longer. the server still was available and ping from server to
> other machines worked, but requesting a ftp or http file from the server
> didn't work any longer.

...odd. I wouldn't have expected that result from it, but I never tested
server *all* drop; I would expect that it should act as usual and allow
anything earlier on the piece.

You *did* have an explicit server "ftp http" accept in there before the
drop all, right?

> removing the server all drop option fixed this, so don't you have the
> same problems?

The end of my configuration lists:

    server samba drop
    server dhcp drop

They are there because they are very verbose on a DHCP windows network.

Dante:  But you hate people.
Randal: Yes, but I love gatherings. Isn't it ironic?
        -- Kevin Smith, _Clerks_, 1994

Reply to: