Re: how to get firehol messages off my screen
On 31 May 2004, Jonas Meurer wrote:
> On 30/05/2004 Daniel Pittman wrote:
>>> Where do I change the settings so that they can be redirected to
>>> a log file?
>>
>> Three methods:
>> [...]
>>
>> 3. use commands like 'server all drop' at the end of an interface,
>> preventing firehol from logging that traffic.
>>
>> I use 3, targeting things that I don't care about, on most of my
>> servers.
>
> I tried this on my server and suddenly wasn't able to reach any remote
> sites any longer. the server still was available and ping from server to
> other machines worked, but requesting a ftp or http file from the server
> didn't work any longer.
...odd. I wouldn't have expected that result from it, but I never tested
server *all* drop; I would expect that it should act as usual and allow
anything earlier on the piece.
You *did* have an explicit server "ftp http" accept in there before the
drop all, right?
> removing the server all drop option fixed this, so don't you have the
> same problems?
The end of my configuration lists:
server samba drop
server dhcp drop
They are there because they are very verbose on a DHCP windows network.
Daniel
--
Dante: But you hate people.
Randal: Yes, but I love gatherings. Isn't it ironic?
-- Kevin Smith, _Clerks_, 1994
Reply to: