On 2023-04-30 14:04, Per Jessen wrote:
Carlos E. R. wrote:
I wasn't sure they were dhcp client broadcasts, though.
Okay. At least that was answered in my first reply in the thread.
* if you're not sure if you need them, reject but log
It's a lot of noise.
Is that a problem?
For me, yes! I don't like noise in the logs. Hate it, actually.
Stop logging stuff :-)
Nonono. I want to see the issues. If there is noise, the issues do not stand out.
That is perhaps a matter of personal attitude - when I (in code or in a firewall chain) end up in a situation I hadn't anticipated, I want to know about it. Repetitive lines can be suppressed by your syslog daemon.
All of my firewall scripts finish with these lines:
## log all traffic that comes this way
$IPTABLES -A INPUT -p all -j LOG --log-level debug --log-prefix 'input: '
$IPTABLES -A FORWARD -p all -j LOG --log-level debug --log-prefix 'forward: '

## Drop anything that is not explicitly allowed.
$IPTABLES -A INPUT -p all -j DROP
$IPTABLES -A FORWARD -p all -j DROP
--
Cheers / Saludos,

Carlos E. R.
(from 15.4 x86_64 at Telcontar)
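
Added example, not part of the original thread and not either poster's script: one way to keep the final log-then-drop rules and still have unexpected traffic stand out is to collapse the logged lines into counted flows. The function names `sample_log` and `summarize_fw_log` are hypothetical and the log lines are constructed, assuming the 'input: ' and 'forward: ' prefixes from the rules above.

```shell
#!/bin/sh
# Constructed sample lines in the format the kernel writes for LOG rules
# with the prefixes 'input: ' and 'forward: ' (documentation addresses).
sample_log() {
cat <<'EOF'
Apr 30 14:00:01 gw kernel: input: IN=eth0 OUT= SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=64 PROTO=UDP SPT=68 DPT=67 LEN=308
Apr 30 14:00:05 gw kernel: input: IN=eth0 OUT= SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=64 PROTO=UDP SPT=68 DPT=67 LEN=308
Apr 30 14:00:09 gw sshd[812]: Server listening on 0.0.0.0 port 22.
Apr 30 14:00:13 gw kernel: input: IN=eth0 OUT= SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=64 PROTO=UDP SPT=68 DPT=67 LEN=308
Apr 30 14:00:20 gw kernel: input: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40122 DPT=22 SYN
Apr 30 14:00:29 gw kernel: input: IN=eth0 OUT= SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TTL=64 PROTO=UDP SPT=68 DPT=67 LEN=308
Apr 30 14:00:31 gw kernel: forward: IN=eth1 OUT=eth0 SRC=198.51.100.20 DST=203.0.113.7 LEN=84 TTL=63 PROTO=ICMP TYPE=8 CODE=0
EOF
}

# Read syslog lines on stdin and print "count chain src -> dst proto/dport",
# most frequent first. Lines without one of the two prefixes are skipped;
# protocols without a destination port (e.g. ICMP) show "-".
summarize_fw_log() {
    awk '
    {
        chain = ""; src = dst = proto = dpt = "-"
        for (i = 1; i <= NF; i++) {
            if ($i == "input:" || $i == "forward:") chain = $i
            else if ($i ~ /^SRC=/)   src   = substr($i, 5)
            else if ($i ~ /^DST=/)   dst   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (chain == "") next
        sub(/:$/, "", chain)
        count[chain " " src " -> " dst " " proto "/" dpt]++
    }
    END { for (k in count) printf "%d %s\n", count[k], k }
    ' | sort -k1,1nr -k2
}

sample_log | summarize_fw_log
```

On the sample, the four DHCP client broadcasts become a single counted line, and the two one-off flows are listed separately beneath it.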