So I'm trying to tell UFW not to log anything at all from a port or port range.
I've been trying a few edits in /etc/ufw/after.rules,
but it doesn't seem to work.
After I edit this file, I sudo /etc/init.d/ufw restart
to set in motion the new rule set in the file. Is this not how it works?
Below is my /etc/ufw/after.rules file:
Code:
#
# rules.input-after
#
# Rules that should be run after the ufw command line added rules. Custom
# rules should be added to one of these chains:
# ufw-after-input
# ufw-after-output
# ufw-after-forward
#
# Don't delete these required lines, otherwise there will be errors
*filter
:ufw-after-input - [0:0]
:ufw-after-output - [0:0]
:ufw-after-forward - [0:0]
# End required lines
# don't log noisy services by default
-A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 138 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 139 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 445 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 67 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 68 -j ufw-skip-to-policy-input
## notice below are what I was trying to filter
## but it seems not to work
-A ufw-after-input -p udp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40400 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp --dport 40401 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp --dport 40401 -j ufw-skip-to-policy-input
# don't log noisy broadcast
-A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input
# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT