
#1 2006-09-19 03:02:08

mac57
Member
From: St. Somewhere
Registered: 2006-01-06
Posts: 302
Website

Firestarter Logging to iptables.log - Can It Be Disabled?

I have added the firestarter firewall to my Arch 0.7.1 setup. While I appreciate the added protection, it does introduce one problem. Firestarter appears to be writing regular logs to a log file somewhere, /var/log/iptables.log I think.

This means that predictably, about every 6 seconds, my hard disk cranks. This is noisy and annoying. Is there any way to disable this logging, or redirect it somehow such that the hard drive isn't involved every 6 seconds? Even being able to change that interval to a larger one (say once a minute) would be just fine. Thanks!


Cast off the Microsoft shackles Jan 2005

Offline

#2 2006-09-19 04:07:14

iBertus
Member
From: Greenville, NC
Registered: 2004-11-04
Posts: 2,228

Re: Firestarter Logging to iptables.log - Can It Be Disabled?

I'm not sure about firestarter (not using it here) but normally you should be able to change the rule in /etc/iptables/iptables.rules to reflect the logging interval.

Offline

#3 2006-09-19 04:36:03

mac57
Member
From: St. Somewhere
Registered: 2006-01-06
Posts: 302
Website

Re: Firestarter Logging to iptables.log - Can It Be Disabled?

Thanks iBertus. Unfortunately it doesn't appear that firestarter uses this particular file. There are two files in that directory, empty.rules and simple_firewall.rules. Both date to before I installed firestarter, so I guess that I am not able to adjust its logging interval from there.


Cast off the Microsoft shackles Jan 2005

Offline

#4 2006-09-19 15:34:21

iBertus
Member
From: Greenville, NC
Registered: 2004-11-04
Posts: 2,228

Re: Firestarter Logging to iptables.log - Can It Be Disabled?

I suppose firestarter must pass its parameters to iptables without writing them to disc. Have you tried running firestarter, then running iptables-save when the firewall is running? This will give you the current iptables configuration. If the file is pretty long (which it would be if firestarter has given iptables some commands) you can redirect that output to the file /etc/iptables.rules and run iptables without firestarter. You could then edit the rules file and change the logging interval.

Offline
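The edit step suggested in post #4, as an added example that is not part of the thread and not Firestarter's own code: a filter that reads an iptables-save dump and puts a `limit` match on every LOG rule that lacks one, so packets are still logged but at a capped rate. The chain name `LOGDROP`, the sample rules and the `RATE`/`BURST` values are constructed assumptions.

```shell
#!/bin/sh
# Added example: rate-limit LOG rules in an iptables-save dump.
# RATE and BURST are assumed values; tune them for your host.
RATE="${RATE:-1/min}"
BURST="${BURST:-5}"

# Reads iptables-save output on stdin, writes the edited rule set to stdout.
# Only "-A" rules that jump to LOG and have no limit match yet are changed.
ratelimit_log_rules() {
    awk -v rate="$RATE" -v burst="$BURST" '
        /^-A / && / -j LOG( |$)/ && !/ -m limit / {
            sub(/ -j LOG/, " -m limit --limit " rate " --limit-burst " burst " -j LOG")
        }
        { print }
    '
}

# Counts LOG rules on stdin that would log every matching packet.
count_unlimited() {
    awk '/^-A / && / -j LOG( |$)/ && !/ -m limit / { n++ } END { print n + 0 }'
}

# Constructed sample in iptables-save format (not real Firestarter output).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -j LOGDROP
-A LOGDROP -j LOG --log-prefix "Inbound " --log-level 6
-A LOGDROP -m limit --limit 10/sec -j LOG --log-prefix "Already limited "
-A LOGDROP -j DROP
COMMIT
EOF
}

# On a live system (as root), following post #4:
#   iptables-save | ratelimit_log_rules > /etc/iptables.rules
# Here the constructed sample is rewritten and printed instead.
sample_rules | ratelimit_log_rules
```

Rules that already carry a `limit` match are passed through unchanged, and the jump to the user chain `LOGDROP` is not mistaken for a LOG target.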
