This works well for a static IP installation, does anyone know how to write
the template for a system with dynamic IP assignment on the external
interface?
----- Original Message -----
From: "Michael Jung" <[EMAIL PROTECTED]>
To: "Darrell May" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, February 20, 2001 3:29 AM
Subject: RE: [e-smith-devinfo] Masses of protocol messages in the logs
> What is the best way to completely eliminate these messages from being
> logged.
[...]
> 192.168.10.52:513 192.168.10.255:513 L=88 S=0x00 I=34895 F=0x0000
> T=64 (#1)
> 24.113.160.100:513 24.113.163.255:513 L=88 S=0x00 I=34896
> F=0x0000 T=64 (#1)
> 24.113.92.126:513 24.113.93.255:513 L=112 S=0x00 I=8992 F=0x0000 T=64 (#1)
> 10.16.22.175:121 10.16.255.255:121 L=50 S=0x00 I=49774 F=0x0000 T=30 (#1)
> 10.16.0.3:121 10.16.255.255:121 L=50 S=0x00 I=61633 F=0x0000 T=30 (#1)
I don't know if its the best way but I do with protokoll ports (in my case
NETBIOS dgm broadcasts on my outer network):
Create /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
Place there a file containing a new ipchains rule (mentioned by Charlie):
------------- file begin here:
"25IgnoreNETBIOS-dgm-broadcasts ----------------
# deny without logging local Netbios-dgm broadcasts
/sbin/ipchains --append input --protocol udp --source \
sss.sss.sss.sss/0.0.0.0 netbios-dgm --destination ddd.ddd.ddd.ddd
netbios-dgm --jump DENY
------------- file
end -------------------------------------------------------
sss.sss.sss.sss : source address
0.0.0.0 : means ALL traffic to that port of protocol type udp (see above) is
ignored !
ddd.ddd.ddd.ddd : destination address
Then do
/sbin/e-smith/expand-template etc/rc.d/init.d/masq
/etc/e-smith/events/actions/restart-masq
Michael Jung
--
This list is archived
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
