OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: Kuragari on October 01, 2015, 03:24:49 pm

Title: Disable log for default WAN rules
Post by: Kuragari on October 01, 2015, 03:24:49 pm
Hello,

Here my problem, i have enable the option Block private networks on my WAN interface, my issue is i make double NAT because a need to use my ISP modem and this modem can't do bridge mode (no other solution).

Everything work correctly my only problem is when the option is checked there is a WAN rules who block RFC 1918 networks and by default logs for this rule are enable. My ISP modem make a lot of broadcast so all my Firewall log come from 192.168.1.1 (ISP modem IP).

Anyway to disable log for this rule ? Or anyway to create a pass rule with 192.168.1.1 as source and ask don't log this ?

Best regards
Title: Re: Disable log for default WAN rules
Post by: AdSchellevis on October 01, 2015, 04:52:31 pm
Hi,

You should be able to disable the logging on the diag_logs_settings.php page, just uncheck "Log packets blocked by 'Block Bogon Networks' rules".

Regards,

Ad
Title: Re: Disable log for default WAN rules
Post by: Kuragari on October 01, 2015, 06:46:16 pm
Thank you, i have find this.

Anyway, i know my default OPNSense gateway is 192.168.1.1, could i only don't log this ip ?
Title: Re: Disable log for default WAN rules
Post by: Tikimotel on October 02, 2015, 07:17:00 pm
Is your modem "spamming" / broadcasting the log file with UPD (67) messages?

Maybe you also need to uncheck the default rules a.k.a.
Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
in "Status: System logs: Settings"
Title: Re: Disable log for default WAN rules
Post by: AdSchellevis on October 02, 2015, 07:20:23 pm
@Kuragari
I missed your last question, but if you only want to disable logging for a specific IP within the RFC 1918 range, you probably should disable the interface setting and add the block rules manually in the firewall for these ranges.