Log to pfBlocker Alerts only instead of the firewall logs
-
Hi,
Could you please help me with this? I would like to log the pfBlocker events only to the alerts tab and leave the firewall logs completely.
Is this possible? I know I can disable logging for the IP aliases individually but that's not my goal.
(I dont plan updating to 2.5 soon.)My system:
2.4.5-RELEASE-p1
pfBlockerNG-devel 3.0.0_10Thank you.
-
Logging of firewall rules is a 'kernel' thing.
Rules created by pfBlockerNG set the log check box.
pfBlockerNG reads the firewall syslog to create it's own event list.What is not the case : the firewall communicates to pfBlockerNG.
As such, you can't (shouldn't) stop the firewall logging by editing the rules that have in their description " ..... auto rule" : it would impact pfBlockerNG . -
@gertjan
I see, then my only option is to disable logging for an alias completely.
I dont care what IPs are blocked Inbound to my WAN port except if I need to create an exception.
Should I disable inbound blocking completely on WAN and leave it to the default block rule?
My only open ports are for OpenVPN and IPSEC. Do you have any suggestions?Thank you.
-
True : logging WAN that hit the wall is useless.
-
I turned off inbound filtering completely instead and left the logging on for the outbound traffic.
It would be great if we could configure inbound and outbound logging separately in pfBlocker.
