High speed ISP creates very filled logs from DROP_INPUT messages in IPFire

The logging logs all blocked connections.

If you have a high speed ISP, then 100s of thousands of blocked connections per minute fill the log, making rule validation impossible.

Suggestion: Add the ability to filter the log to not log connections that are filtered out.

You can do that as described in the documentation.

https://www.ipfire.org/docs/configuration/firewall/options#log-dropped-input-packets


I have modified the title of this post as a log filled with DROP_INPUT messages is not a denial of service event.
