LinuxQuestions.org


spezticle 02-26-2012 09:14 PM

ufw log filter
 
So I'm trying to tell UFW not to log anything at all from a port or port range.

I've been trying a few edits in /etc/ufw/after.rules,
but it doesn't seem to work.

After I edit this file I run sudo /etc/init.d/ufw restart
to set in motion the new rule set in the file. Is this not how it works?

Below is my /etc/ufw/after.rules file:
Code:

#
# rules.input-after
#
# Rules that should be run after the ufw command line added rules. Custom
# rules should be added to one of these chains:
#  ufw-after-input
#  ufw-after-output
#  ufw-after-forward
#

# Don't delete these required lines, otherwise there will be errors
*filter
:ufw-after-input - [0:0]
:ufw-after-output - [0:0]
:ufw-after-forward - [0:0]
# End required lines

# don't log noisy services by default
-A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 138 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 139 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 445 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 67 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 68 -j ufw-skip-to-policy-input

## notice below are what I was trying to filter
## but it seems not to work
-A ufw-after-input -p udp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 40401 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40401 -j ufw-skip-to-policy-input

# don't log noisy broadcast
-A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input

# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT
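
An added example, not part of the original post: a Python check that extracts the skip-to-policy rules from after.rules-format text and lists log entries whose protocol and destination port those rules already cover. Such entries point to logging that happens before the packet reaches ufw-after-input, or to the edited rules not being the ones loaded. The rule excerpt (including the port-range rule), the log lines and the function names are constructed for illustration.

```python
import re

# Constructed excerpt in the same format as the after.rules file shown above.
RULES = """\
-A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40401:40410 -j ufw-skip-to-policy-input
"""

# Constructed, shortened kernel log lines (documentation addresses), not from the post.
LOG = """\
Feb 26 21:00:01 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.20 PROTO=UDP SPT=5000 DPT=40400
Feb 26 21:00:02 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.20 PROTO=TCP SPT=5001 DPT=22
Feb 26 21:00:03 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.12 DST=192.0.2.20 PROTO=TCP SPT=5002 DPT=40405
"""

# Matches a single port or an iptables port range (low:high).
RULE_RE = re.compile(
    r"^-A ufw-after-input -p (\w+) --dport (\d+)(?::(\d+))? "
    r"-j ufw-skip-to-policy-input\s*$")

def skip_rules(text):
    """Return (proto, low_port, high_port) for each skip-to-policy rule."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            low = int(m.group(2))
            high = int(m.group(3) or low)
            rules.append((m.group(1).lower(), low, high))
    return rules

def logged_despite_skip(log_text, rules):
    """Return (proto, dport) for UFW log lines that a skip rule covers."""
    hits = []
    for line in log_text.splitlines():
        proto = re.search(r"\bPROTO=(\w+)", line)
        dport = re.search(r"\bDPT=(\d+)", line)
        if "[UFW " not in line or not proto or not dport:
            continue
        p, d = proto.group(1).lower(), int(dport.group(1))
        if any(p == rp and low <= d <= high for rp, low, high in rules):
            hits.append((p, d))
    return hits

if __name__ == "__main__":
    for proto, port in logged_despite_skip(LOG, skip_rules(RULES)):
        print(f"still logged although skipped in ufw-after-input: {proto}/{port}")
```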


