LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices

Reply
 
Search this Thread
Old 02-26-2012, 09:14 PM   #1
spezticle
Member
 
Registered: May 2010
Distribution: Ubuntu 10.04
Posts: 30

Rep: Reputation: 0
Question ufw log filter


so i'm trying to tell UFW not to log anything at all from a port or port range.

i've been trying a few edits in /etc/ufw/after.rules
but it doesn't seem to work.

after i edit this file i sudo /etc/init.d/ufw restart
to set forth in motion the new rule set in the file. is this not how it works?

below is my /etc/ufw/after.rules file:
Code:
#
# rules.input-after
#
# Rules that should be run after the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-after-input
#   ufw-after-output
#   ufw-after-forward
#

# Don't delete these required lines, otherwise there will be errors
*filter
:ufw-after-input - [0:0]
:ufw-after-output - [0:0]
:ufw-after-forward - [0:0]
# End required lines

# don't log noisy services by default
-A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 138 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 139 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 445 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 67 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 68 -j ufw-skip-to-policy-input

## notice below are what I was trying to filter
## but it seems not to work
-A ufw-after-input -p udp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 40401 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40401 -j ufw-skip-to-policy-input

# don't log noisy broadcast
-A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input

# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT
 
  


Reply

Tags
firewall, log


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
filter source line based on results line in log using awk and sed samanp Programming 5 04-06-2011 09:42 AM
Filter snmpd entries from /var/log/messages investmentbnker75 Linux - General 6 03-18-2011 04:10 PM
[SOLVED] ufw judoka Linux - Networking 5 07-08-2010 03:03 PM
filter log file OrC82 Linux - Server 5 07-30-2009 08:54 AM
Dansguardian - Won't filter new addresses added to filter list TechnoBod Linux - Software 1 01-08-2008 01:40 AM


All times are GMT -5. The time now is 07:08 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration