Firewall logs - how do you disable certain log entries?

[shred]

I'm noticing a lot of log entries in my firewall log that I would like to disable (i.e. not logged) but I can't seem to figure out where to do this. The label for these entries are:

- "anti-lockout rule"
- "let out anything from firewall host itself"
- "pass loopback"

I've searched everywhere that would make logical sense to disable these log entries but I'm not finding anything. Any ideas?

[marjohn56]

System->Settings->Logging.

[shred]

System->Settings->Logging.

Thanks marjohn56! Can't believe I missed that. It appears unchecking "Log packets matched from the default pass rules put in the ruleset" will stop logging of the default LAN to Any pass and the anti-lock out rule.

One suggestion/thought for the devs, it's a bit confusing since if you access the default LAN to Any rule, there's an option that says "Log packets that are handled by this rule" which is unchecked. Personally, I think it would make more sense to have this option enable/disable logging and perhaps the other setting in System->Settings->Logging be renamed to something like "Log packets matched from the anti-lockout rule" and only be used for that purpose. Just a thought!

[marjohn56]

I suspect it maybe because the global rule can override the interface specific rule.


If there were no little quirks, then we would have nothing to write about. 🤔

[danieljaimini]

You can do it by going into System then go to Settings and then to Logging