|
||||||||
Fred Wright wrote:
> I have a no-log block rule for IGMP to keep those out of the log, which
> worked at one time. But at some point, the router started including some
> sort of IP option in the IGMP multicasts, and since m0n0wall has a
> hard-coded rule to drop packets with IP options, which is ahead of all
> user rules, there's no longer any way to keep them out of the log.
Block them with a non-logging filter. I do that for ports 139, et. al.
just to keep the logs readable.
Lee |