
Re: understand the logs



Douglas A. Tutty wrote:
On Sun, Oct 12, 2008 at 06:56:54AM -0500, Hugo Vanwoerkom wrote:
Ron Johnson wrote:
On 10/11/08 18:24, Abel McClendon wrote:
    On Sat, 11 Oct 2008 19:09:23 -0400
        Daryl Styrk <darylstyrk@gmail.com> wrote:

Oct 11 14:08:45 debian kernel: [44140.916755] Inbound IN=wlan0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:17:f2:eb:42:2e:08:00 SRC=10.0.1.5
DST=10.0.1.255 LEN=113 TOS=0x00 PREC=0x00 TTL=64 ID=62369 PROTO=UDP
SPT=631 DPT=631 LEN=93
<snip>

But what is the way to avoid those messages entirely?
At one time (and still) I installed ulog to keep those messages in one place but now they clutter up syslog and kernel.log.

I would think that you would want packets that don't match traffic
expected by the firewall (even if allowed to pass) to be logged.  Set up
your firewall rules (I use shorewall) to allow those packets and not
log them.  Right now, they probably hit a default rule like "all all
other traffic from the local network but log it to syslog".


True. That's firehol.
Where've you been for 3 months Doug?

Hugo
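
An added example, not part of the original messages: a small Python parser for netfilter log lines of the kind quoted above. It groups entries by log prefix, interface, protocol, destination and port, so the flows that account for most of the noise, and are expected on the local network, can be identified before writing an accept-without-logging rule for them. The first sample line is the one from the thread with the mail wrapping undone; the other two are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: line 1 is the entry quoted in the thread (unwrapped);
# lines 2 and 3 are made up for illustration.
SAMPLE = """\
Oct 11 14:08:45 debian kernel: [44140.916755] Inbound IN=wlan0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:17:f2:eb:42:2e:08:00 SRC=10.0.1.5 DST=10.0.1.255 LEN=113 TOS=0x00 PREC=0x00 TTL=64 ID=62369 PROTO=UDP SPT=631 DPT=631 LEN=93
Oct 11 14:09:16 debian kernel: [44171.920101] Inbound IN=wlan0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:17:f2:eb:42:2e:08:00 SRC=10.0.1.5 DST=10.0.1.255 LEN=113 TOS=0x00 PREC=0x00 TTL=64 ID=62370 PROTO=UDP SPT=631 DPT=631 LEN=93
Oct 11 14:10:02 debian kernel: [44217.100000] Inbound IN=wlan0 OUT= MAC=00:11:22:33:44:55:00:17:f2:eb:42:2e:08:00 SRC=10.0.1.7 DST=10.0.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1234 DF PROTO=TCP SPT=51000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
"""

# "kernel: [uptime] <log prefix> IN=..." ; the uptime stamp is optional.
LINE_RE = re.compile(r"kernel: (?:\[\s*[\d.]+\]\s*)?(?P<prefix>.*?)\s*(?P<fields>IN=.*)$")
FIELD_RE = re.compile(r"(\w+)=(\S*)")  # value may be empty, as in "OUT="

def parse_line(line):
    """Return the KEY=value fields of one netfilter log line, or None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    fields = {}
    for key, value in FIELD_RE.findall(m.group("fields")):
        # LEN appears twice for UDP: keep the first (IP total length).
        fields.setdefault(key, value)
    fields["PREFIX"] = m.group("prefix")
    # MAC= is destination MAC, source MAC, then EtherType; all-ones
    # destination means a link-layer broadcast frame.
    fields["L2_BROADCAST"] = fields.get("MAC", "").startswith("ff:ff:ff:ff:ff:ff")
    return fields

def noisy_flows(log_text):
    """Count logged packets per (prefix, IN, PROTO, DST, DPT), busiest first."""
    counts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f:
            key = (f["PREFIX"], f.get("IN"), f.get("PROTO"), f.get("DST"), f.get("DPT"))
            counts[key] += 1
    return counts.most_common()

if __name__ == "__main__":
    for flow, n in noisy_flows(SAMPLE):
        print(n, flow)
```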

