FortiGate
Jonathan_Body_FTNT
Article Id 196873

Description

This article explains how to avoid syslog messages being sent when the FortiGate receives a broadcast packet.


Scope

All FortiOS versions.


Solution

Broadcast log messages can be generated by the FortiGate and logged to syslog as shown below:
Oct 13 07:32:34 172.20.73.112 date=2010-10-13 time=07:31:09 devname=fw-ext1 device_id=FGT60B3908621449 log_id=0038000007 type=traffic subtype=other pri=notice status=deny vd="root" src=192.168.41.202 srcname=192.168.41.202 src_port=3490 dst=255.255.255.255 dstname=255.255.255.255 dst_port=3490 service=65535/udp proto=17 app_type=N/A duration=0 rule=0 policyid=0 identidx=0 sent=0 rcvd=0 shaper_drop_sent=0 shaper_drop_rcvd=0 perip_drop=0 shaper_sent_name="N/A" shaper_rcvd_name="N/A" perip_name="N/A" vpn="N/A" src_int="dmz" dst_int="root" SN=46396774 app="N/A" app_cat="N/A" user="N/A" group="N/A" carrier_ep="N/A"
To disable this type of message in FortiOS versions up to and including v4.0 MR2, configure the following:
FGT1KB3909600062 # config log syslogd filter
FGT1KB3909600062 (filter) # set other-traffic disable
FGT1KB3909600062 (filter) # end
The command 'set other-traffic' was renamed to 'set extended-traffic-log' in FortiOS v4.0 MR3. From that release onward, configure the following instead:
FGT1KB3909600062 # config log syslogd filter
FGT1KB3909600062 (filter) # set extended-traffic-log disable
FGT1KB3909600062 (filter) # end
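
To see how much of a syslog feed this message type accounts for, and which hosts send it, before turning the log category off, the following added example (not part of the original article and not Fortinet tooling) parses lines in the key=value format shown above and counts denied broadcast traffic per source. It goes slightly beyond the article by also matching directed broadcasts for subnets you list; the function names, the sample lines and the 192.168.41.0/24 subnet are assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# key=value pairs; a value is either double-quoted or runs to the next space
FIELD = re.compile(r'([\w-]+)=("[^"]*"|\S*)')
LIMITED_BROADCAST = ip_address("255.255.255.255")

def parse_fields(line):
    """Turn one log line into a dict; the syslog header has no '=' and is skipped."""
    return {key: value.strip('"') for key, value in FIELD.findall(line)}

def is_broadcast_deny(rec, local_nets=()):
    """True for a denied traffic record whose destination is a broadcast address."""
    if rec.get("type") != "traffic" or rec.get("status") != "deny":
        return False
    try:
        dst = ip_address(rec.get("dst", ""))
    except ValueError:  # missing or malformed dst field
        return False
    if dst == LIMITED_BROADCAST:
        return True
    # Directed broadcast of a subnet the operator listed (assumption, not in the article)
    return any(dst == ip_network(net).broadcast_address for net in local_nets)

def summarize(lines, local_nets=()):
    """Return (Counter of broadcast denies keyed by src/dst_port/src_int, other lines)."""
    noise, kept = Counter(), []
    for line in lines:
        rec = parse_fields(line)
        if is_broadcast_deny(rec, local_nets):
            noise[(rec.get("src"), rec.get("dst_port"), rec.get("src_int"))] += 1
        else:
            kept.append(line)
    return noise, kept

# Constructed sample input modelled on the message above (not real traffic)
HDR = "Oct 13 07:32:34 172.20.73.112 date=2010-10-13 devname=fw-ext1 type=traffic "
BCAST = HDR + 'status=deny vd="root" src=192.168.41.202 dst=255.255.255.255 dst_port=3490 policyid=0 src_int="dmz"'
SAMPLE = [
    BCAST,
    BCAST,
    HDR + 'status=deny vd="root" src=192.168.41.17 dst=192.168.41.255 dst_port=138 policyid=0 src_int="dmz"',
    HDR + 'status=deny vd="root" src=192.168.41.202 dst=10.0.0.5 dst_port=22 policyid=0 src_int="dmz"',
    HDR + 'status=accept vd="root" src=192.168.41.9 dst=255.255.255.255 dst_port=67 policyid=3 src_int="dmz"',
]

if __name__ == "__main__":
    noise, kept = summarize(SAMPLE, local_nets=["192.168.41.0/24"])
    for (src, port, intf), count in noise.most_common():
        print(f"{count:4d} broadcast denies from {src} to port {port} on {intf}")
    print(f"{len(kept)} other lines")
```

The lines returned in `kept` are unicast denies and accepted traffic, which the counter does not treat as broadcast noise.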
