Hi,
All traffic is logged as let out anything from firewall host itself after NAT.
It makes logs huge and after a while, when `/var` is full, I need to restart machine, because opnsense is basically hung at this point.
It seems quite strange and inconvenient to have all traffic logged and since it is default rule I cannot disable logging for it. I workaround the issue of hanging with limiting logs to 3 days, but still it is a problem to unnecessary log everything without ability to disable the logs without hacks.
Is is really intended default behavior? Maybe it is the VLANs? What are you doing to mitigate this log spam?
Thanks,
Kacper
have you checked System > Settings > Logging has only the logs enabled that you want?