evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0

[Feature Request] exclude events from event log #691

Closed carpii closed 2 years ago

carpii commented 2 years ago

Summary:

I have a curl request running every few seconds (it actually pulls CCTV images to my desktop). But each request generates multiple firewall event logs, one on UDP 53 presumably for a DNS lookup, and then a TCP request to grab the content.

I now have over a million of these event logs in the database, and any sort of GUI interaction (even just switching from Hosts to Applications tab) causes the GUI to lock up for about 3 minutes while it trawls through them all.

Would be very useful to have a rule option to exclude them from the event history, to improve performance and avoid this happening.

I know there's an option to limit the event log to N days, but I'd rather keep the less frequent event logs for a period of time

gustavo-iniguez-goya commented 2 years ago

Hi @carpii,

I've got this feature working. Basically every rule will have a check "[x] Don't log connections" that will exclude the connections that match this rule from the daemon.

The only way to see if the rule is working (not this field in particular, but the rest of the fields) will be to check the log file opensnitchd.log

You didn't mention what version you are using, but it'll be added in the next version, v1.6.0.

carpii commented 2 years ago

Awesome, thanks gustavo! :beer: