Re: Iptables - flooding console

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Wed, Jul 20, 2011 at 9:40 AM, cbulist@xxxxxxxxx <cbulist@xxxxxxxxx> wrote:


On 7/20/2011 10:18 AM, Keith Roberts wrote:
> On Wed, 20 Jul 2011, cbulist@xxxxxxxxx wrote:
>
>> To: centos@xxxxxxxxxx
>> From: "cbulist@xxxxxxxxx"<cbulist@xxxxxxxxx>
>> Subject: Iptables - flooding console
>>
>> Hi,
>>
>> We are trying to track some specific rules using �LOG as target.
>> Everything is working well but the problem is that iptables is flooding
>> the console with LOG messages.
>> We tried --log level 4 on iptables rules but it didn't work.
>> We fixed the problem changing KLOGD_OPTIONS value in
>> /etc/sysconfig/syslog to:
>> KLOG_OPTIONS="-c 4"
>>
>> Is it the best option or we are missing something?
>>
>> Thanks in advance
> I had this problem as well. The firewall logs were being
> sent (tailed/tee'd ?) to the console, which is a pain if you
> are using mc or any other console application.
>
> To fix it on Centos 5.5/6 I just added the following
> to the top of the /etc/syslog.conf file.
>
> Deleted these lines as not in use:
>
> # Log all kernel messages to the console.
> # Logging much else clutters up the screen.
> #kern.* � � � � � � � � � � � /dev/console
>
>
> Replaced with:
> # Log all firewall messages to a file.
> kern.=debug � � �/var/log/firewall-log
>
> Obviously you need to make sure the firewall log file
> exists
>
> -rw-r--r-- �keith �users � �39039 Jul 20 15:24 firewall-log
>
> Kind Regards,
>
Thanks �Keith,

I tried your solution but it didn't work. (man 8 syslogd describes what
you said)
First I returned the default value on KLOG_OPTIONS, I restarted the
syslog service but the iptables still continuous sending the log to console.
I forget mention the info system:

CentOS 5.6

[root@server_56 ~]# uname -r
2.6.18-238.el5
[root@server_56 ~]# iptables -V
iptables v1.3.5

Sincerely,

Julio


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

We prevent firewall messages from being logged to the console by setting kernel.printk in sysctl.conf.

kernel.printk = 3 4 1 7

Daniel

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux