Remove DHCP requests logs from my firewall



  • Hello,

    Basic installation by default. Cable Internet. I'm trying to to follow jimp instructions to remove DHCP request logs from my firewall: http://forum.pfsense.org/index.php/topic,61242.msg330189.html#msg330189

    They're hitting the block private networks rule before any rule you make yourself.
    Disable block private networks, make your own equivalent rule without log set.

    (Make an alias for 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, then block any protocol in on WAN from that source to any)

    Disable block private networks
    picture (1)

    Make an alias for 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8
    picture (2)

    block any protocol in on WAN from that source to any
    picture (3)

    I'm doing something wrong but I do not know what. There are still those IGMP logs. How should I proceed to make them disappear? Help greatly appreciated.

    block Oct 4 06:46:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:46:26 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:47:17 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:47:26 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:48:17 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:48:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:49:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:49:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:50:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:50:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:51:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:51:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:52:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:52:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:53:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:53:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:54:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:54:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:55:17 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:55:26 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:56:17 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:56:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:57:16 WAN 10.202.128.1 224.0.0.1 IGMP
    block Oct 4 06:57:25 WAN 10.53.0.1 224.0.0.1 IGMP
    block Oct 4 06:58:16 WAN 10.202.128.1 224.0.0.1 IGMP



  • Status -> System Logs -> Settings

    In General Logging Options / Log Firewall Default Blocks, unselect " Log packets blocked by 'Block Private Networks' rules " and Save.

    No more IGMP logs.



  • Your rule is only blocking TCP. You want to block a lot more protocols than that - "any".



  • Thank you for your intervention phil.davis
    Can you clearly tell me what I need to change in my setup please.
    As you can see, I started with pfSense.
    Thanks



  • @exnsmoker:

    Status -> System Logs -> Settings

    In General Logging Options / Log Firewall Default Blocks, unselect " Log packets blocked by 'Block Private Networks' rules " and Save.

    No more IGMP logs.

    This works, when you have 'Block Private Networks' select on an interface. Then the rule is automatically generated without logging.
    The rule you show only has protocol TCP - that rule would also have worked if you selected protocol "all".



  • You want to block a lot more protocols than that - "any".

    The rule you show only has protocol TCP - that rule would also have worked if you selected protocol "all".

    Like that?
    picture (4)



  • Like that?

    Yes



  • Thank you very much.



  • I was just looking to do the same adjustment to my logs tonight! I am not at my home so I cant see my pfSense admin screen .. yet.  What section did you turn off "Block Priv Networks" ?  Was that on the WAN interface?

    Thank You I am a Noob still.



  • What section did you turn off "Block Priv Networks" ?  Was that on the WAN interface?

    As mentioned here by AhnHEL http://forum.pfsense.org/index.php/topic,14131.msg75033.html#msg75033

    Go to Interfaces/WAN in the web gui and uncheck "Block private networks"


Log in to reply