Hi,
I'm using Shorewall 5.0.15.6 on Debien Stretch. My syslog is full of
"Shorewall:sfilter:DROP" messages for junk coming on my wan interface.
My "policy" entries for "wan -> all", and default "all -> all" have
nothing in the "log level" column, which should mean "don't log
anything". Moreover, I only have "REJECT" policies, I don't use "DROP"
action.
When doing :
iptables --list | grep Shorewall:sfilter
I can see the following line, only when Shorewall is active :
LOG all -- anywhere anywhere LOG level info
prefix "Shorewall:sfilter:DROP:"
This means this log entry has been generated by Shorewall.
Where does this "Shorewall:sfilter:DROP" policy come from ? Why does it
override the policies in my "policy" file ? And how to disable it ?
Thank you in advance. Kind regards,
Toussaint.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
