Firewall logs - how do you disable certain log entries?

Started by shred, August 31, 2018, 10:22:01 PM

I'm noticing a lot of log entries in my firewall log that I would like to disable (i.e. not logged) but I can't seem to figure out where to do this. The labels for these entries are:

- "anti-lockout rule"
- "let out anything from firewall host itself"
- "pass loopback"

I've searched everywhere that would make logical sense to disable these log entries but I'm not finding anything. Any ideas?

System->Settings->Logging.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member

Quote from: marjohn56 on August 31, 2018, 11:47:54 PM
System->Settings->Logging.

Thanks marjohn56! Can't believe I missed that. It appears unchecking "Log packets matched from the default pass rules put in the ruleset" will stop logging of the default LAN to Any pass and the anti-lockout rule.

One suggestion/thought for the devs, it's a bit confusing since if you access the default LAN to Any rule, there's an option that says "Log packets that are handled by this rule" which is unchecked. Personally, I think it would make more sense to have this option enable/disable logging and perhaps the other setting in System->Settings->Logging be renamed to something like "Log packets matched from the anti-lockout rule" and only be used for that purpose. Just a thought!

I suspect it may be because the global rule can override the interface specific rule.


If there were no little quirks, then we would have nothing to write about. 🤔

You can do it by going into System, then to Settings, and then to Logging.