Possible to 'ignore'/'not log' packets?

There are a lot of connections initiated from my PC that are denied.. 90% by choice of course .. But the Denied list is rather cluttered with them because they are still logged there..

Is it possible to 'not log' packets that are targeted by a specific deny rule? So that only rules that trigger the catchall drop rule at the end are logged?

If not, would that not be a very handy feature?

 

There is no real memory/performance benefit from allowing that, only one of "visual clutter reduction" which is probably what you want. That isn't possible with GhostWall, though it does sound like a neat little thing to add.

 

You are right.. It has nothing to do with performance. But when I'm actively blocking a lot of connections and something isn't working it's now hard to see which packets are the culprit..

By reducing the clutter only to only packets matching the drop-all rule you can more easily 'fix' problems when they occur. (Especially if you have all those busy windows processes on your network constantly spamming you with netbios request :S)...

 

I do not know what the options are, but I would be willing to add it myself if I have access to the codebase..

I do have some other 'feature requests'/wishlist items on my list as well ..

Let me know if there are any options.

For what it's worth: Ghostwall is exactly what I'm looking for but could even be a bit better..

 

Have you thought about writting your own firewall ?

 

Of course.. But why reinvent the wheel when there is a nice basis to be had.. Especially with kernel-based modules so much can go wrong.. Why make the same mistakes as well.. :S..

Rather expand on a good basis and improve from there.. Benefits all the others as well instead of creating YAW (Yet Another Firewall).. Better create one great one..