How do I get this traffic to stop generating logs?
-
In the Firewall Logs section of the Web Admin GUI, when I hover over the green check mark that indicated the allow, this is what shows up "@85(1000005815) pass out log inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself"
I am not sure which rule this is coming from. Any idea how I can trace this back to the rule that it is coming from and/or disable this specific logging?
-
Looks like a default allow rule.
Go to the log settings (Status > System Logs > Settings) and try to uncheck the logging of the default allow rule if it is checked. -
Thanks. I had tried that earlier - unchecking - "Log packets matched from the default pass rules put in the ruleset Log packets that are allowed by the implicit default pass rule. - Per-rule logging options are still respected." but it was still logging this traffic.
But, I did not restart any services, I just clicked Save in the GUI. Do I need to restart a service for this change to take effect in the firewall? Or release the firewall by updating a rule?
-
Actually, that seems to have done it, but it takes a few minutes to take effect!