Disable firewall logging for certain hosts/networks?

If you are seeing default drop entries for those hosts in the packetfilter.log you can create an explicit rule to drop that traffic.

Specific Host(s) >> Honeywell Port(s) >> Internet IPv4 :: DROP (no logging)

As long as you do not enable logging on that rule you shouldn't see any entries in the packetfilter.log.

You should always check the positioning of a deny rule as it will short-circuit any subsequent allow rules.

If you have a general rule with a drop for those ports and logging enabled then place the specific rule above it. The traffic matching the specific rule will get dropped un-logged and non matching traffic on those ports will show up in the logs.

If you are seeing default drop entries for those hosts in the packetfilter.log you can create an explicit rule to drop that traffic.

Specific Host(s) >> Honeywell Port(s) >> Internet IPv4 :: DROP (no logging)

As long as you do not enable logging on that rule you shouldn't see any entries in the packetfilter.log.

You should always check the positioning of a deny rule as it will short-circuit any subsequent allow rules.

If you have a general rule with a drop for those ports and logging enabled then place the specific rule above it. The traffic matching the specific rule will get dropped un-logged and non matching traffic on those ports will show up in the logs.

> You should always check the positioning of a deny rule as it will short-circuit any subsequent allow rules.

And by this I mean rules that would otherwise match will not work, not all subsequent rules.

Thanks! That worked.