On Mon, 19 Feb 2001, Darrell May wrote:
> Sorry to bring this up again, put the logging of these DENY eth1 PROTO=17...
> messages continue to fill /var/log/messages into huge file sizes.
>
> What is the best way to completely eliminate these messages from being
> logged.
> In just a day the /var/log/messages grew to over 20MB. The external
> connection
> is on the @home network. This is just a miniscule snapshot of the different
> IP addresses being logged.
>
> 192.168.10.52:513 192.168.10.255:513 L=88 S=0x00 I=34895 F=0x0000 T=64 (#1)
> 24.113.160.100:513 24.113.163.255:513 L=88 S=0x00 I=34896 F=0x0000 T=64 (#1)
> 24.113.92.126:513 24.113.93.255:513 L=112 S=0x00 I=8992 F=0x0000 T=64 (#1)
> 10.16.22.175:121 10.16.255.255:121 L=50 S=0x00 I=49774 F=0x0000 T=30 (#1)
> 10.16.0.3:121 10.16.255.255:121 L=50 S=0x00 I=61633 F=0x0000 T=30 (#1)
If you want to get rid of *all* such logging, create
/etc/e-smith/templates/etc/rc.d/init.d/masq/80EndChainDenyLog containing:
/sbin/ipchains --append denylog --jump DENY
And then do:
/etc/e-smith/events/actions/conf-masq
/etc/e-smith/events/actions/restart-masq
which is equivalent to these instructions provided by Michael Jung:
> /sbin/e-smith/expand-template /etc/rc.d/init.d/masq
> chmod +x /etc/rc.d/init.d/masq
> /etc/rc.d/init.d/masq restart
You'll then not know how often you have people "checking your locks".
Charlie Brady [EMAIL PROTECTED]
http://www.e-smith.org (development) http://www.e-smith.com (corporate)
Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739
e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
