Hi folks, I’ve got an issue some of you may have come across and may have a solution for already. If not I’d like to request additional options to the logging options.
The issue
My firewall gets a lot of attempted connections on port 5353 that it drops on the red side. Thats great! I want it to drop those connections. However, it gets so many that I don’t care to read about it in the logs.
Desired outcome
I’d like to not log dropped 5353 connections so that I can pay attention to other dropped connections.
What I’ve tried
I created a firewall rule that specifies dropping port 5353 from anywhere to anywhere and unchecked the “log” box, then applied changes. IPfire still logs 5353 drops, probably because its set up to do this out of the box and is doing this on the DROP_INPUT chain, which makes the rule I created redundant.
Has anybody else attempted to get IPfire to not log specific events? What have you tried? How did it go? If there isn’t a way currently to not log events like this can we request adding the option to do that?