Keeping Firewall logs clean



  • Hi Forum,

    There is a repeating entry in our firewall logs, and there is nothing we can do about with our service provider. Is there anything we can do so these don't clog up our firewall log.

    Mar 30 12:38:04 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:04 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:05 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:05 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:06 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:06 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:06 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:07 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:07 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:08 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:08 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:09 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:09 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:10 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:10 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:10 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:11 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:11 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:12 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:12 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:12 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:13 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:13 WAN 64.40.104.194:1985 224.0.0.102:1985 UDP
      Mar 30 12:38:14 WAN 64.40.104.195:1985 224.0.0.102:1985 UDP

    Thanks for any help,

    Alfredo.



  • If you log traffic blocked by default block rule then place another block rule without logging:

    Create a firewall rule which blocks the traffic from source 64.40.104.195:1985 to 224.0.0.102:1985 with protocol UDP. (logging disabled for this rule).

    Then traffic is still blocked but not by default rule but by the new created one.



  • Hallo Nachfalke,

    Thanks. Now the log is clean.

    Alfredo.


Log in to reply