Please add a NOLOG option

Posted: 01 Jun 2012, 14:07
by dynamicnet
Good day:

csf.conf has DROP_NOLOG which modifies the firewall and does not log.

Please consider adding a NOLOG option where I can list ports whose existing firewall options are not logged.

For example:

NOLOG="25"
Let's say I have a web server where I want to allow outgoing TCP 25, but no incoming TCP 25.

Some of the web sites in question don't have an MX record, so when a valid mail server goes to send an email to the domain name, it ends up going to the web server IP (TCP 25) as a default given no MX.

The firewall doesn't allow the activity, which is good; BUT after x attempts, CSF / LFD is sending out a brute force alert and an ARF report.

I would rather have such events handled, but no logging or reporting.

Thank you.

Re: Please add a NOLOG option

Posted: 01 Jul 2012, 09:53
by chirpy
You can do that by excluding the port from PS_PORTS.

Re: Please add a NOLOG option

Posted: 01 Jul 2012, 16:04
by dynamicnet
Good day:

Thank you for pointing this out. I appreciate your time and what you've done with CSF.

I believe this would be the setting to exclude all email ports from port scan tracking:

PS_PORTS = "0:24,26:109,111:142,144:464,466:586,588:992,994,996:65535,ICMP"
It leaves out ports 25, 110, 143, 465, 587, 993, and 995.

Correct?

Thank you.
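A way to check the PS_PORTS value proposed above without counting ranges by hand: the script below (an added example, not code from the thread or from CSF itself) builds a PS_PORTS string from a list of ports to exclude and, in the other direction, lists which ports a given PS_PORTS string leaves out of port-scan tracking. The function names and the MAIL_PORTS list are assumptions for the example; the PROPOSED string is the one quoted in the post.

```python
# Build and check a CSF PS_PORTS value that excludes a set of ports from
# port-scan tracking. Added example, not part of the forum thread or of CSF.

def build_ps_ports(excluded, include_icmp=True, low=0, high=65535):
    """Return a PS_PORTS string covering low..high except the excluded ports."""
    excluded = sorted(set(excluded))
    ranges = []
    start = low
    for p in excluded:
        if p > start:                  # gap before this excluded port
            ranges.append((start, p - 1))
        start = p + 1
    if start <= high:                  # tail range after the last excluded port
        ranges.append((start, high))
    # CSF syntax: "a:b" for a range, a bare number for a single port
    parts = [f"{a}:{b}" if a != b else str(a) for a, b in ranges]
    if include_icmp:
        parts.append("ICMP")
    return ",".join(parts)

def excluded_ports(ps_ports, low=0, high=65535):
    """Return the sorted list of ports NOT covered by a PS_PORTS string."""
    covered = set()
    for item in ps_ports.replace(" ", "").split(","):
        if not item or item.upper() == "ICMP":
            continue
        if ":" in item:
            a, b = item.split(":", 1)
            covered.update(range(int(a), int(b) + 1))
        else:
            covered.add(int(item))
    return [p for p in range(low, high + 1) if p not in covered]

# Mail ports the post wants left out of port-scan tracking (assumed list).
MAIL_PORTS = [25, 110, 143, 465, 587, 993, 995]
# PS_PORTS value as quoted in the post.
PROPOSED = "0:24,26:109,111:142,144:464,466:586,588:992,994,996:65535,ICMP"

if __name__ == "__main__":
    print(build_ps_ports(MAIL_PORTS))   # should equal PROPOSED
    print(excluded_ports(PROPOSED))     # should equal MAIL_PORTS
```

This only checks the range arithmetic; it does not validate that CSF parses the resulting line, and excluding a port from PS_PORTS affects port-scan tracking only, not other LFD triggers.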