  kac00

    kac00


    Is there a way to modify iptables to disable logging of traffic either to a certain port or from a certain IP?

    I am receiving a ton of these requests... every couple seconds:

    user.warn kernel: DROP IN=vlan1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:00:e6:5e:83:08:00:45:00:01:48 SRC= DST= LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=48063 PROTO=UDP SPT=67 DPT=68 LEN=308

    I have optimum online, and I understand them to be dhcp requests from everyone on my subnet. They are being dropped, but they are clogging up the log so I can't see if there really is anything to be concerned about.

    For whatever reason, my old router didn't log these dhcp requests so I could use the log.

    Any suggestions?


  SgtPepperKSU

    SgtPepperKSU

    You should set the options to log those entries to "Disabled" in Administration->Logging. For what it's worth, the default setting is disabled for those.
  kac00

    kac00

    Thanks for the suggestion.

    I understand I could choose to not log _any_ inbound connections. I'd like to log them except for those from a certain IP.

    The dhcp requests from my provider are irrelevant. The rest are probably irrelevant. I'd just like to monitor it since I do have a couple ports open...

    Any suggestions how to exclude a certain IP or destination port from the tomato log?

  kac00

    kac00

    I think I figured it out.

    I added this to the firewall script:

    iptables -I INPUT -s -j DROP
