How to skip broadcast in pf logs
From: FM (fakta99_at_yahoo.se)
Date: 09/23/03
- Next message: Gudlyf: "Bug in -current ports for tightvnc"
- Previous message: Bob Farro: "Re: Mailing list software under OpenBSD"
- Next in thread: Daniel Hartmeier: "Re: How to skip broadcast in pf logs"
- Reply: Daniel Hartmeier: "Re: How to skip broadcast in pf logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 23 Sep 2003 08:44:21 -0700
I feel embarrassed asking this, but after joining a new busy network, my
old pf rules need to be a bit modified. The problem is UDP packets
sent to 255.255.255.255 by other computers on the network. I don't want
them to bloat pf logs so this should do the trick:
---------------------------------
# In MACROS section
Nonroutables="{ 0.0.0.0/8, 10.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16,
172.16.0.0/12, 192.0.2.0/24, 192.168.0.0/16, 204.152.64.0/23,
224.0.0.0/3, 255.255.255.255 }"
# First in FILTERING section
block in quick on $ExtIF from $Nonroutables to any
block out quick on $ExtIF from any to $Nonroutables
---------------------------------
No 'log' word and added 'quick'. These annoying broadcast packets are
still logged, in spite of my attempts to avoid it. Why?
And how do I track a certain rule number? For example, rule #34,
"17:38:10.370695 rule 34/0(match): block in on.."
'pfctl -s rules' doesn't show number of each rule.
Regards,
FM
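
Added example (not part of the original post, and not the poster's or the pf project's own configuration): the posted inbound rule selects on source address, while the broadcasts in question are identified by their destination, so a destination match placed first is what drops them before any logging rule is reached. The interface name and the trailing logging rule are assumptions for illustration.

```conf
# pf.conf fragment, constructed for illustration.

# --- MACROS ---
ExtIF="fxp0"    # assumption: placeholder name for the external interface

# --- FILTERING ---
# As posted, the inbound rule matches on the SOURCE address:
#
#   block in quick on $ExtIF from $Nonroutables to any
#
# A limited broadcast sent by a neighbouring host carries that host's own
# address as its source and 255.255.255.255 as its destination. The rule
# above therefore matches only when the sender's address happens to fall
# inside $Nonroutables; otherwise evaluation continues and a later rule
# carrying 'log' makes the final decision and writes the log entry.

# Destination-based match, first in the filter section.
# No 'log' keyword, so nothing reaches pflog.
# 'quick' stops rule evaluation here, so later logging rules never see it.
block in quick on $ExtIF proto udp from any to 255.255.255.255

# Assumed stand-in for whichever later rule is doing the logging today
# (the "rule 34" style entries in the log come from a rule like this).
block in log on $ExtIF all
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before a reload. `pfctl -vv -s rules` prints each loaded rule prefixed with its number (for example `@34`), which is the number shown in the `rule 34/0(match)` log line.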