From 7f5bdfaa0432469e6e18c0152169e4ddb2aad6f5 Mon Sep 17 00:00:00 2001
From: Anandkumar Patel
Date: Fri, 10 Mar 2017 16:56:19 -0800
Subject: [PATCH] remove psad logging
---
 lib/iptables.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/iptables.sh b/lib/iptables.sh
index 781d273..29bd78c 100644
--- a/lib/iptables.sh
+++ b/lib/iptables.sh
@@ -12,10 +12,10 @@ iptables::run_rules() {
 # drop all new traffic from container ip to runnable infra iptables -I FORWARD -s ${DOCKER_NETWORK} -d 10.0.0.0/8 -m state --state NEW -j DROP - # log container traffic for PSAD - iptables -I FORWARD -s ${DOCKER_NETWORK} -j LOG + # drop all local container to container traffic iptables -I FORWARD -s ${DOCKER_NETWORK} -d ${DOCKER_NETWORK} -j DROP + # allow consul access (should be before drop) iptables -I FORWARD -s ${DOCKER_NETWORK} -d ${CONSUL_HOSTNAME} -j ACCEPT