Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 3019 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Logfiles are getting bigger...

RoyM_old
Hello,

I'm quite new on the area of network protection so I hope you could have a bit of patience with me :-)

I'm running Sophos UTM 9.306-6 and I have log-files that grow bigger and bigger... Today after 19 hours my FireWall log was around 20mb... So I took the messages that you can see the most in the log and pasted it below. I have done a lot of reading and trying about this subject. Also read the 'Rulz' 'storie' but I can't figure it out. Could someone give me a direction/solution? 

Best regards,
Roy 


2015:01:31-00:00:25 utm ulogd[15669]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" outitf="eth0" srcmac="44:6d:6c:63[:D]8:73" dstmac="00:e0:b4:0c:eb:5b" srcip="192.168.1.113" dstip="109.201.154.209" proto="17" length="149" tos="0x00" prec="0x00" ttl="63" srcport="48089" dstport="8080" 

2015:01:31-00:00:25 utm ulogd[15669]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1" srcmac="44:6d:6c:63[:D]8:73" dstmac="00:e0:b4:0c:eb:5b" srcip="192.168.1.113" dstip="192.168.1.100" proto="17" length="67" tos="0x00" prec="0x00" ttl="64" srcport="28758" dstport="53" 

2015:01:31-00:00:36 utm ulogd[15669]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" outitf="eth0" srcmac="88:75:56:05:11:aa" dstmac="00:e0:b4:0c:eb:5b" srcip="192.168.1.140" dstip="87.195.109.106" proto="17" length="76" tos="0x00" prec="0x00" ttl="63" srcport="34651" dstport="123" 

2015:01:31-00:00:59 utm ulogd[15669]: id="2021" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (GEOIP)" action="drop" fwrule="60019" initf="eth0" srcmac="02:00:00:00:00:01" dstmac="00:e0:b4:0c:eb:5a" srcip="61.160.224.128" dstip="77.172.186.80" proto="6" length="40" tos="0x00" prec="0x00" ttl="237" srcport="60021" dstport="22" tcpflags="SYN" 

2015:01:31-00:01:25 utm ulogd[15669]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x2048" app="72" srcmac="00:1d:73:5b:c5:a2" dstmac="00:e0:b4:0c:eb:5b" srcip="192.168.1.101" dstip="192.168.1.255" proto="17" length="251" tos="0x00" prec="0x00" ttl="64" srcport="138" dstport="138" 

2015:01:31-18:03:25 utm ulogd[25728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" outitf="eth0" srcmac="88:75:56:05:11:aa" dstmac="00:e0:b4:0c:eb:5b" srcip="192.168.1.140" dstip="192.168.178.3" proto="17" length="280" tos="0x18" prec="0xa0" ttl="63" srcport="16462" dstport="4008" 


This thread was automatically locked due to age.
Parents
  • 0
    Hello,

    I would like to thank you @BAlfson and @Scott_Klassen for taking the time and effort to read and answer my question. It helped me a lot!

    Best regards,
    Roy

    @BAlfson: My dns setting and Firewall setting weren't setup right
    @Scott_Klassen: [:D] I understand now the requierments of the disk size
Reply
  • 0
    Hello,

    I would like to thank you @BAlfson and @Scott_Klassen for taking the time and effort to read and answer my question. It helped me a lot!

    Best regards,
    Roy

    @BAlfson: My dns setting and Firewall setting weren't setup right
    @Scott_Klassen: [:D] I understand now the requierments of the disk size
Children
No Data