No Logging
Often your network will see a lot of broadcast traffic that fills
up your logs, especially chatty protocols such as NetBIOS. You may
not want to log this traffic. Remember our last rule, which drops and
logs everything that is not explicitly allowed? We create a
rule before the Drop All rule that
drops the chatty traffic, but does NOT log it. We will also add ident,
an unreliable protocol used by mail servers to identify the user sending
mail. Notice how we use "Reject"
instead of "Drop". Reject quickly closes the connection by sending
RST packets. This improves the response time for mail, since
the ident protocol gets a "RST" instead of timing out. For NetBIOS,
it does not matter. Keep in mind that if you are
not logging the traffic, it will be more difficult to
troubleshoot if you have problems in the future. You may have to
temporarily disable the rule to troubleshoot specific NetBIOS or ident issues.
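
The ordering described above can be checked with a small first-match model. This is an added example, not part of the original guide or any firewall product's own code; the rule names, the "mail-in" rule and the port lists for NetBIOS (137/udp, 138/udp, 139/tcp) and ident (113/tcp) are assumptions made for illustration.

```python
# Added example: first-match model of the "no logging" rule placed before Drop All.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    services: frozenset   # set of (proto, dst_port); empty set means "any"
    action: str           # "accept", "drop" or "reject"
    log: bool

    def matches(self, proto, port):
        return not self.services or (proto, port) in self.services

# Well-known ports, assumed to be the contents of the service groups.
NETBIOS = {("udp", 137), ("udp", 138), ("tcp", 139)}
IDENT = {("tcp", 113)}

SMTP = Rule("mail-in", frozenset({("tcp", 25)}), "accept", log=True)  # hypothetical earlier rule
NO_LOG = Rule("no-logging", frozenset(NETBIOS | IDENT), "reject", log=False)
DROP_ALL = Rule("drop-all", frozenset(), "drop", log=True)

def evaluate(rulebase, proto, port):
    """Return (rule name, action, logged) for the first rule that matches."""
    for rule in rulebase:
        if rule.matches(proto, port):
            return rule.name, rule.action, rule.log
    return "implicit", "drop", False

def shadowed(rulebase):
    """Names of rules that can never match because an 'any' rule precedes them."""
    out, seen_any = [], False
    for rule in rulebase:
        if seen_any:
            out.append(rule.name)
        seen_any = seen_any or not rule.services
    return out

def logged_lines(rulebase, packets):
    """Packets that would produce a log entry under this rulebase."""
    return [p for p in packets if evaluate(rulebase, *p)[2]]

GOOD = [SMTP, NO_LOG, DROP_ALL]
BAD = [SMTP, DROP_ALL, NO_LOG]   # no-logging rule placed after Drop All

# Constructed sample traffic: (protocol, destination port)
PACKETS = [("udp", 137), ("udp", 138), ("tcp", 113), ("tcp", 25), ("tcp", 23)]

if __name__ == "__main__":
    for label, rb in (("good", GOOD), ("bad", BAD)):
        print(label, "logged:", logged_lines(rb, PACKETS), "shadowed:", shadowed(rb))
```

With the rule in the wrong position, every NetBIOS and ident packet is still logged by Drop All, and the shadow check flags the no-logging rule as unreachable.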