From 87329e1915285683d84b6bec959bed49ccd41826 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 6 Feb 2022 20:00:24 +0100 Subject: ... --- hosts/surtr/ruleset.nft | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'hosts/surtr') diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index 998bd037..3dc2b311 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft @@ -39,7 +39,7 @@ table inet filter { policy drop - ct state invalid log prefix "drop invalid forward: " counter drop + ct state invalid log level debug prefix "drop invalid forward: " counter drop iifname lo counter accept @@ -56,8 +56,8 @@ table inet filter { iifname bifrost oifname ens3 counter accept - limit name lim_reject log prefix "drop forward: " counter drop - log prefix "reject forward: " counter + limit name lim_reject log level debug prefix "drop forward: " counter drop + log level debug prefix "reject forward: " counter meta l4proto tcp ct state new counter reject with tcp reset ct state new counter reject @@ -70,7 +70,7 @@ table inet filter { policy drop - ct state invalid log prefix "drop invalid input: " counter drop + ct state invalid log level debug prefix "drop invalid input: " counter drop iifname lo counter accept @@ -95,8 +95,8 @@ table inet filter { ct state {established, related} counter accept - limit name lim_reject log prefix "drop input: " counter drop - log prefix "reject input: " counter + limit name lim_reject log level debug prefix "drop input: " counter drop + log level debug prefix "reject input: " counter meta l4proto tcp ct state new counter reject with tcp reset ct state new counter reject -- cgit v1.2.3