On Wed, 21 Aug 2002, Kory Krofft wrote:
> I am receiving a large number of hits in my log files from poorly
> configured machines that share my Road Runner segment. I have read the
> Shorewall documentation and it seems that to stop logging of attempted
> connections to ports 67 & 68 I would add this to the shorewall rules
> file:
>
> drop net fw tcp 67,68
>
> By not following the "drop" with a log level it should not log the
> attempts.
>
> Am I coorect in this understanding?
Mostly.
a) "drop" _must_ be capitalized: "DROP"
b) if there are rules earlier in the rule base that are triggered by these
packets then they take precedence... including any logging they
specify. "earlier" in particular may include rfc1918 rejection.
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
