[pve-devel] pve-firewall : log for default accept action and action format consistency in logs

Dietmar Maurer dietmar at proxmox.com
Mon Jul 1 06:10:36 CEST 2019


> On 1 July 2019 03:03 Alexandre DERUMIER <aderumier at odiso.com> wrote:
> 
>  
> >>I always tried to minimize log overhead. If you log ACCEPT, that will
> >>generate very large amounts of logs?
> 
> yes sure, but we have the option to set nolog for in/out default rules.

Ah, good.

> I have some server where customer want all accept out, but I need to log all access.
> (currently, only way is to add an extra rules ACCEPT at the end)

yes, you are right - thats clumsy...




More information about the pve-devel mailing list