[LEDE-DEV] dropping/rejecting without logging in zone set for logging

Brian J. Murrell brian at interlinx.bc.ca
Mon Oct 30 14:41:47 PDT 2017


I have a firewall configuration that includes:

config zone
	option name 'lan'
	option forward 'ACCEPT'
	option network 'lan'
	option log '1'
	option input 'REJECT'
	option output 'REJECT'

Because of course with any firewall there are the exceptions you want
to log (hence the "option log '1'") but then there is the noise that
you just want to drop/reject and not log.

How does one create rules such as the latter so that one's logs don't
get filled with the (i.e. typically broadcast) noise?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.infradead.org/pipermail/lede-dev/attachments/20171030/39c4f919/attachment.sig>

More information about the Lede-dev mailing list