[opensuse] How can I tell susefirewall not to log about a certain port?
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Mon, 16 Jul 2007 14:17:05 +0200 (CEST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
In the /etc/sysconfig/SuSEfirewall2 file I have:
FW_SERVICES_EXT_TCP="4662"
But entries to that port are logged:
Jul 15 14:07:25 nimrodel kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=
MAC=00:40:f4:2e:b1:21:00:30:da:70:d7:ea:08:00 SRC=189....
DST=192.168.1... LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=6454 DF PROTO=TCP
SPT=50867 DPT=4662 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (0204058401010402)
As it is a port I opened, I understand it should not be logged, it is not
a "critical" port. I have:
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="yes"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
What could I do so that they are not logged? I want other ports logged,
but not those I explicitly opened myself.
In other words, I want to the firewall to consider 4662 as "not critical".
- --
Cheers,
Carlos Robinson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFGm2HDtTMYHG2NR9URAkHkAJ9z9oamb3bh3F/wKTkGLaBGDuC8gACgl9XT
lc16ibdI+ISQvsUvAMc9Zpo=
=bE6d
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
- Prev by Date: Re: [opensuse] dictionary attacks
- Next by Date: Re: [opensuse] dictionary attacks
- Previous by thread: [opensuse] dictionary attacks
- Next by thread: [opensuse] MySQL encryption agent
- Index(es):
Relevant Pages
|
