====== Disable IPtables Report in Logwatch ======
In my smaller environments I have logwatch enabled to send me a daily status email from the server. I find that the list of blocks by iptables on an Internet-connect host is very noisy.
--------------------- iptables firewall Begin ------------------------
Listed by source hosts:
Dropped 4397 packets on interface eth0
From 1.93.55.131 - 1 packet to tcp(3306)
From 1.93.55.159 - 1 packet to tcp(1322)
From 1.229.35.65 - 1 packet to udp(23509)
From 12.181.18.32 - 1 packet to tcp(5900)
From 14.216.108.81 - 3 packets to tcp(23)
From 23.94.244.79 - 2 packets to tcp(135)
From 24.159.201.122 - 1 packet to udp(23509)
From 37.59.42.95 - 1 packet to tcp(57966)
From 42.96.133.172 - 1 packet to tcp(1433)
From 46.239.121.16 - 1 packet to udp(123)
From 49.89.193.183 - 1 packet to tcp(23)
From 54.230.8.247 - 2 packets to tcp(10838)
From 58.175.244.168 - 4 packets to tcp(80,8080)
To disable the check, I remove the logfile source of the iptables check.
echo "services/iptables: LogFile =" >> /etc/logwatch/conf/override.conf