[9.191][BUG] Logfiles growing 7 Gig in 30 minutes

Question

Hi, running Firmware version: 9.191-2 my log disk space of 7.5 Gig got filled up within 30 minutes....

I imported my config from current UTM 9 version and imported it to beta 9.2.

Fallback.log is about 180 MB and shows mostly
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
2013:12:26-00:44:45 xyz [daemon:info] pfilter-reporter.pl:  INFO - found match: violation found
and so on.
What is PFILTER? No idea where to check my config.

Firewall log is 6.6 Gig. I could not even view or download it...
So I had to delete the file. As you can see on enclosed screenshot, it only took about 30 minutes to fill up the log....
Don't ask me, what I did at that time. I was playing around with user portal and running an update on linux mint 14.

After deleting, firewall log shows normal growth.

SSL-VPN shows some Auth Failed while having established my user portal session.
Using Google OTP Token. Reconnects are quite frequent....

2013:12:26-20:17:16 somewhere34 openvpn[9364]: xx.yy.236.173:57892 SENT CONTROL [REF_AaaUse2]: 'AUTH_FAILED' (status=1)
2013:12:26-20:17:16 somewhere34 openvpn[9364]: xx.yy.236.173:57892 Connection reset, restarting [0]
2013:12:26-20:17:16 somewhere34 openvpn[9364]: xx.yy.236.173:57892 SIGUSR1[soft,connection-reset] received, client-instance restarting
2013:12:26-20:17:26 somewhere34 openvpn[9364]: TCP connection established with [AF_INET]xx.yy.236.173:57893 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:17:27 somewhere34 openvpn[9364]: xx.yy.236.173:57893 TLS: Initial packet from [AF_INET]xx.yy.236.173:57893 (via [AF_INET]88.64.135.99:443), sid=4083ea1d 8e434824
2013:12:26-20:17:28 somewhere34 openvpn[9364]: xx.yy.236.173:57893 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:28 somewhere34 openvpn[9364]: xx.yy.236.173:57893 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:28 somewhere34 openvpn[9364]: xx.yy.236.173:57893 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:28 somewhere34 openvpn[9364]: xx.yy.236.173:57893 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 TLS: Username/Password authentication deferred for username 'REF_AaaUse2' [CN SET]
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2013:12:26-20:17:29 somewhere34 openvpn[9364]: xx.yy.236.173:57893 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]xx.yy.236.173:57893 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:17:31 somewhere34 openvpn[9364]: xx.yy.236.173:57893 PUSH: Received control message: 'PUSH_REQUEST'
2013:12:26-20:17:31 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Delayed exit in 5 seconds
2013:12:26-20:17:31 somewhere34 openvpn[9364]: xx.yy.236.173:57893 SENT CONTROL [REF_AaaUse2]: 'AUTH_FAILED' (status=1)
2013:12:26-20:17:31 somewhere34 openvpn[9364]: xx.yy.236.173:57893 Connection reset, restarting [0]
2013:12:26-20:17:31 somewhere34 openvpn[9364]: xx.yy.236.173:57893 SIGUSR1[soft,connection-reset] received, client-instance restarting
2013:12:26-20:17:41 somewhere34 openvpn[9364]: TCP connection established with [AF_INET]xx.yy.236.173:57894 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:17:42 somewhere34 openvpn[9364]: xx.yy.236.173:57894 TLS: Initial packet from [AF_INET]xx.yy.236.173:57894 (via [AF_INET]88.64.135.99:443), sid=f656096f d58bcce6
2013:12:26-20:17:43 somewhere34 openvpn[9364]: xx.yy.236.173:57894 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:43 somewhere34 openvpn[9364]: xx.yy.236.173:57894 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:43 somewhere34 openvpn[9364]: xx.yy.236.173:57894 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:43 somewhere34 openvpn[9364]: xx.yy.236.173:57894 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 TLS: Username/Password authentication deferred for username 'REF_AaaUse2' [CN SET]
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2013:12:26-20:17:44 somewhere34 openvpn[9364]: xx.yy.236.173:57894 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]xx.yy.236.173:57894 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:17:46 somewhere34 openvpn[9364]: xx.yy.236.173:57894 PUSH: Received control message: 'PUSH_REQUEST'
2013:12:26-20:17:46 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Delayed exit in 5 seconds
2013:12:26-20:17:46 somewhere34 openvpn[9364]: xx.yy.236.173:57894 SENT CONTROL [REF_AaaUse2]: 'AUTH_FAILED' (status=1)
2013:12:26-20:17:46 somewhere34 openvpn[9364]: xx.yy.236.173:57894 Connection reset, restarting [0]
2013:12:26-20:17:46 somewhere34 openvpn[9364]: xx.yy.236.173:57894 SIGUSR1[soft,connection-reset] received, client-instance restarting
2013:12:26-20:17:56 somewhere34 openvpn[9364]: TCP connection established with [AF_INET]xx.yy.236.173:57895 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:17:57 somewhere34 openvpn[9364]: xx.yy.236.173:57895 TLS: Initial packet from [AF_INET]xx.yy.236.173:57895 (via [AF_INET]88.64.135.99:443), sid=e3527067 9e27b69e
2013:12:26-20:17:58 somewhere34 openvpn[9364]: xx.yy.236.173:57895 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:58 somewhere34 openvpn[9364]: xx.yy.236.173:57895 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:58 somewhere34 openvpn[9364]: xx.yy.236.173:57895 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:17:58 somewhere34 openvpn[9364]: xx.yy.236.173:57895 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 TLS: Username/Password authentication deferred for username 'REF_AaaUse2' [CN SET]
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2013:12:26-20:17:59 somewhere34 openvpn[9364]: xx.yy.236.173:57895 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]xx.yy.236.173:57895 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:18:01 somewhere34 openvpn[9364]: xx.yy.236.173:57895 PUSH: Received control message: 'PUSH_REQUEST'
2013:12:26-20:18:01 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Delayed exit in 5 seconds
2013:12:26-20:18:01 somewhere34 openvpn[9364]: xx.yy.236.173:57895 SENT CONTROL [REF_AaaUse2]: 'AUTH_FAILED' (status=1)
2013:12:26-20:18:01 somewhere34 openvpn[9364]: xx.yy.236.173:57895 Connection reset, restarting [0]
2013:12:26-20:18:01 somewhere34 openvpn[9364]: xx.yy.236.173:57895 SIGUSR1[soft,connection-reset] received, client-instance restarting
2013:12:26-20:18:11 somewhere34 openvpn[9364]: TCP connection established with [AF_INET]xx.yy.236.173:57904 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:18:12 somewhere34 openvpn[9364]: xx.yy.236.173:57904 TLS: Initial packet from [AF_INET]xx.yy.236.173:57904 (via [AF_INET]88.64.135.99:443), sid=421c36c3 59d5bda4
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 VERIFY OK: depth=1, C=de, L=jm, O=jm, CN=jm VPN CA, emailAddress=jm@somedomain.de
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 VERIFY OK: depth=0, C=de, L=jm, O=jm, CN=REF_SslSerJmtwFaken2
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 TLS: Username/Password authentication deferred for username 'REF_AaaUse2' [CN SET]
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2013:12:26-20:18:14 somewhere34 openvpn[9364]: xx.yy.236.173:57904 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]xx.yy.236.173:57904 (via [AF_INET]88.64.135.99:443)
2013:12:26-20:18:17 somewhere34 openvpn[9364]: xx.yy.236.173:57904 PUSH: Received control message: 'PUSH_REQUEST'
2013:12:26-20:18:17 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Delayed exit in 5 seconds
2013:12:26-20:18:17 somewhere34 openvpn[9364]: xx.yy.236.173:57904 SENT CONTROL [REF_AaaUse2]: 'AUTH_FAILED' (status=1)
2013:12:26-20:18:17 somewhere34 openvpn[9364]: xx.yy.236.173:57904 Connection reset, restarting [0]
2013:12:26-20:18:17 somewhere34 openvpn[9364]: xx.yy.236.173:57904 SIGUSR1[soft,connection-reset] received, client-instance restarting