From 0ba09e3cb005fe04550d744de0ddc7a4e85f8aeb Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 6 Jan 2022 23:05:39 +0100 Subject: vidhar: loglevels --- hosts/vidhar/network/ruleset.nft | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft index bdd847db..980cbdc6 100644 --- a/hosts/vidhar/network/ruleset.nft +++ b/hosts/vidhar/network/ruleset.nft @@ -126,7 +126,7 @@ table inet filter { policy drop - ct state invalid log prefix "drop invalid forward: " counter name invalid-fw drop + ct state invalid log level notice prefix "drop invalid forward: " counter name invalid-fw drop iifname lo counter name fw-lo accept @@ -138,8 +138,8 @@ table inet filter { - limit name lim_reject log prefix "drop forward: " counter name reject-ratelimit-fw drop - log prefix "reject forward: " counter name reject-fw + limit name lim_reject log level notice prefix "drop forward: " counter name reject-ratelimit-fw drop + log level info prefix "reject forward: " counter name reject-fw meta l4proto tcp ct state new counter name reject-tcp-fw reject with tcp reset ct state new counter name reject-icmp-fw reject } @@ -149,7 +149,7 @@ table inet filter { policy drop - ct state invalid log prefix "drop invalid input: " counter name invalid-rx drop + ct state invalid log level notice prefix "drop invalid input: " counter name invalid-rx drop iifname lo counter name rx-lo accept @@ -184,8 +184,8 @@ table inet filter { ct state {established, related} counter name established-rx accept - limit name lim_reject log prefix "drop input: " counter name reject-ratelimit-rx drop - log prefix "reject input: " counter name reject-rx + limit name lim_reject log level notice prefix "drop input: " counter name reject-ratelimit-rx drop + log level info prefix "reject input: " counter name reject-rx meta l4proto tcp ct state new counter name reject-tcp-rx reject with tcp reset ct state new counter name reject-icmp-rx reject } -- cgit v1.2.3