[pve-devel] [PATCH firewall] Remove hard coded rate limit of logged packets
Christian Ebner
c.ebner at proxmox.com
Tue Mar 19 16:56:31 CET 2019
As some users rely on logging of all packets dropped/rejected, this removes the
hard coded rate limit.
Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---
src/PVE/Firewall.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index f294d36..30e2b4b 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2106,7 +2106,7 @@ sub get_log_rule_base {
# Note: we use special format for prefix to pass further
# info to log daemon (VMID, LOGLEVEL and CHAIN)
- return "-m limit --limit 1/sec -j NFLOG --nflog-prefix \":$vmid:$loglevel:$chain: $msg\"";
+ return "-j NFLOG --nflog-prefix \":$vmid:$loglevel:$chain: $msg\"";
}
sub ruleset_add_chain_policy {
--
2.11.0
More information about the pve-devel
mailing list