Prevent logging of a specific IPv6 blocked address
-
There are several posts regarding "noisy" IPv6 ICMPv6 messages in the firewall log. I'm looking for a way to not log just a single offending IPv6 address. It's a blocked address by the default rules, the address shows up in the log every 2-4 seconds, making it annoying and the log not very useful. I'd also like a solution that survives updates. It's fine if it requires editing a file manually as I don't see any GUI method. Yes there is the check box for "Log firewall default blocks", however, that turns off everything not just a single address.
Is there a way to do this? I've attached a small screen shot showing the issue. Thanks for your help!
-
Put a block rule on WAN with that source address and whatever else you want to match and don't check log.
-
Thanks for your answer, however, I don't understand your response. The IP is already blocked that's why it's showing up in the log. Where exactly does the additional block rule go? I also do not understand the comment "don't check log".
-
The default deny rule logs by default.
There is a checkbox to stop this logging but it will affect ALL traffic hitting default deny not just the traffic you are specifically asking about.
A specific rule higher in the list can block the traffic, not log, and processing will stop.
The default deny rule (and the logging) will never be hit/processed.