No, it's logging any tcp packet with a source port of 80 - just like you told it to.
The log level determines which logfile (r)syslog will put it into, depending on your configuration.
You've told it to treat the entries as 'err' level messages, so syslog will act on them according to it's configuration.
|