IPtables to drop logging of DHCP?

Discussion in 'Tomato Firmware' started by kac00, Mar 8, 2010.

  1. kac00

    kac00 Addicted to LI Member


    Is there a way to modify iptables to disable logging of traffic either to a certain port or from a certain IP?

    I am receiving a ton of these requests... every couple seconds:

    user.warn kernel: DROP IN=vlan1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:00:e6:5e:83:08:00:45:00:01:48 SRC= DST= LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=48063 PROTO=UDP SPT=67 DPT=68 LEN=308

    I have Optimum Online, and I understand them to be DHCP requests from everyone on my subnet. They are being dropped, but they are clogging up the log so I can't see if there really is anything to be concerned about.

    For whatever reason, my old router didn't log these DHCP requests so I could use the log.

    Any suggestions?


  2. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    You should set the options to log those entries to "Disabled" in Administration->Logging. For what it's worth, the default setting is disabled for those.

  3. kac00

    kac00 Addicted to LI Member

    Thanks for the suggestion.

    I understand I could choose to not log _any_ inbound connections. I'd like to log them except for those from a certain IP.

    The DHCP requests from my provider are irrelevant. The rest are probably irrelevant. I'd just like to monitor it since I do have a couple ports open...

    Any suggestions how to exclude a certain IP or destination port from the Tomato log?

  4. kac00

    kac00 Addicted to LI Member

    I think I figured it out.

    I added this to the firewall script:

    iptables -I INPUT -s -j DROP
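
Added example, not part of the thread: a firewall-script function that silently drops only the broadcast UDP 67 to 68 traffic seen in the log line, optionally limited to one source, rather than everything from an address. The interface name vlan1 comes from the log line; the function name `quiet_drop`, the `IPT` variable, the 255.255.255.255 destination and the 192.0.2.1 sample address are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Set IPT=echo to preview without applying.
IPT="${IPT:-iptables}"

# quiet_drop IFACE [SRC]
# Insert a rule at the top of INPUT, ahead of any logging rule, that drops
# broadcast DHCP server-to-client packets (UDP 67 -> 68) arriving on IFACE.
# SRC (address or CIDR) optionally narrows the match to one sender.
quiet_drop() {
    iface="$1"
    src="$2"
    if [ -z "$iface" ]; then
        echo "usage: quiet_drop IFACE [SRC]" >&2
        return 2
    fi
    # Assumption: the packets are addressed to the limited broadcast address
    # (the log shows a broadcast MAC). Unicast replies to the router's own
    # DHCP client are left alone.
    set -- -i "$iface" -p udp --sport 67 --dport 68 -d 255.255.255.255
    if [ -n "$src" ]; then
        # Refuse anything but digits, dots and a slash, so a mangled value
        # never ends up in the rule.
        case "$src" in
            *[!0-9./]*) echo "bad source: $src" >&2; return 2 ;;
        esac
        set -- "$@" -s "$src"
    fi
    # Remove an earlier copy first so re-running the script does not stack
    # duplicate rules; a missing rule is not an error.
    $IPT -D INPUT "$@" -j DROP 2>/dev/null || true
    $IPT -I INPUT 1 "$@" -j DROP
}

# Typical calls from the firewall script (192.0.2.1 is a constructed sample):
#   quiet_drop vlan1
#   quiet_drop vlan1 192.0.2.1
```

Matching on protocol, ports and interface keeps any other inbound traffic from the same sender visible in the log.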