Mailinglist Archive: opensuse-security (26 mails)

[opensuse-security] How can I tell susefirewall not to log about a certain port?
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Sun, 15 Jul 2007 14:13:12 +0200 (CEST)
  • Message-id: <Pine.LNX.4.64.0707151404560.32085@xxxxxxxxxxxxxxxx>

Hi,

In the /etc/sysconfig/SuSEfirewall2 file I have:


FW_SERVICES_EXT_TCP="4662"

But entries to that port are logged:

Jul 15 14:07:25 nimrodel kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= 
MAC=00:40:f4:2e:b1:21:00:30:da:70:d7:ea:08:00 SRC=189....
DST=192.168.1... LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=6454 DF PROTO=TCP 
SPT=50867 DPT=4662 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (0204058401010402)

As it is a port I opened, I understand it should not be logged; it is not 
a "critical" port. I have:

FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="yes"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"


What could I do so that they are not logged? I want other ports logged, but 
not those I explicitly opened myself.



-- 
Cheers,
       Carlos Robinson
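An added example, not part of the original message and not a SuSEfirewall2 feature: a small log triage script that reads `FW_SERVICES_EXT_TCP` from the sysconfig text and separates `SFW2-` kernel log entries for accepted TCP connections to explicitly opened ports from all other firewall entries. The sample config, log lines, host name and addresses are constructed; the `low:high` range syntax and the skipping of service names are assumptions of this sketch.

```python
import re

# Constructed sample inputs modelled on the message above (not real traffic).
SYSCONFIG = 'FW_SERVICES_EXT_TCP="4662"\nFW_LOG_ACCEPT_CRIT="yes"\n'
LOG = """\
Jul 15 14:07:25 host kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= SRC=203.0.113.7 DST=192.168.1.2 PROTO=TCP SPT=50867 DPT=4662 SYN URGP=0
Jul 15 14:07:31 host kernel: SFW2-INext-DROP-DEFLT IN=eth0 OUT= SRC=198.51.100.9 DST=192.168.1.2 PROTO=TCP SPT=40112 DPT=23 SYN URGP=0
Jul 15 14:08:02 host kernel: usb 1-1: new full speed USB device
"""

def opened_tcp_ports(sysconfig_text):
    """Return FW_SERVICES_EXT_TCP entries as (low, high) port tuples."""
    m = re.search(r'^FW_SERVICES_EXT_TCP="([^"]*)"', sysconfig_text, re.M)
    ranges = []
    for item in (m.group(1).split() if m else []):
        # Assumption: entries are "port" or "low:high"; service names are skipped.
        if re.fullmatch(r"\d+(:\d+)?", item):
            low, _, high = item.partition(":")
            ranges.append((int(low), int(high or low)))
    return ranges

def parse_sfw2(line):
    """Parse one kernel log line into a dict, or None if it is not an SFW2 entry."""
    m = re.search(r"kernel: (SFW2-\S+) (.*)", line)
    if not m:
        return None
    fields = {"prefix": m.group(1)}
    for token in m.group(2).split():
        key, sep, value = token.partition("=")
        fields[key] = value if sep else True  # bare flags such as SYN or DF
    return fields

def split_by_opened(log_text, ranges):
    """Separate accepted-TCP entries for opened ports from every other SFW2 entry."""
    opened, other = [], []
    for line in log_text.splitlines():
        f = parse_sfw2(line)
        if f is None:
            continue
        dpt = f.get("DPT", "")
        hit = (f.get("PROTO") == "TCP" and "-ACC" in f["prefix"]
               and str(dpt).isdigit() and any(lo <= int(dpt) <= hi for lo, hi in ranges))
        (opened if hit else other).append(f)
    return opened, other

if __name__ == "__main__":
    opened, other = split_by_opened(LOG, opened_tcp_ports(SYSCONFIG))
    print(len(opened), "entries for opened ports;", len(other), "others to review")
```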
