If you're like me, and you've checked and re-checked your syslog.conf to no avail, you may want to try:

dmesg -n 1

I found that little tidbit after three or four days of googling...

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Joel Newkirk
Sent: Monday, October 13, 2003 9:34 PM
To: lucas
Cc: iptables mailing list
Subject: Re: iptables logs going to all ttys

On Mon, 2003-10-13 at 18:58, lucas wrote:
> Morning all,
>
> I have the following in my firewall script, and to my knowledge this is
> meant to stop all logs from going to all ttys but this is not the case
> and it's a real *pain* in the ass.
>
> $IPTABLES -N drop-and-log-it
> $IPTABLES -A drop-and-log-it -j LOG --log-level info
> $IPTABLES -A drop-and-log-it -j DROP
>
> If someone could give me a hint as to what I have overlooked that would
> be much appreciated, thanks

Syslog configuration is probably what you missed. Check /etc/syslog.conf. Very likely you have something like:

kern.* /dev/console

in there, which states that all kernel messages of whatever level will be sent to /dev/console.

For myself, I disable the /dev/console setting, then add:

kern.=debug /var/log/firewall
kern.=warning /var/log/firewalladmin

Unless you're running a custom kernel with debugging enabled, the first channel (debug) should be almost empty of traffic, ideal for redirection to a firewall-only log file with "--log-level debug". Everything of level 'info' or higher usually goes to /var/log/messages as well.

j
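
The two independent paths discussed in this thread (syslog.conf selectors and the kernel console loglevel set by dmesg -n), as an added example that is not part of the original messages: a simplified Python model of classic syslog.conf selector matching that shows where a kern message of a given level ends up. The function names, the constructed sample configuration lines (including the *.info;mail.none line for /var/log/messages), and the console loglevel of 7 used for comparison are assumptions made for illustration.

```python
# Added illustration: simplified model of syslog.conf selectors and the console loglevel.
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def selector_matches(selector, facility, level):
    """Verdict of one 'facility.priority' selector, or None if it does not apply."""
    fac_part, pri = selector.split(".", 1)
    facilities = fac_part.split(",")
    if "*" not in facilities and facility not in facilities:
        return None  # selector says nothing about this facility
    if pri in ("*", "none"):
        return pri == "*"
    if pri.startswith("="):
        return LEVELS.index(pri[1:]) == LEVELS.index(level)  # exactly this level
    # plain priority: that level and anything more severe (lower number)
    return LEVELS.index(level) <= LEVELS.index(pri)

def destinations(conf_text, facility, level):
    """List the actions whose selector field accepts the message."""
    out = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        selectors, action = line.split(None, 1)
        accepted = False
        for sel in selectors.split(";"):
            verdict = selector_matches(sel, facility, level)
            if verdict is not None:
                accepted = verdict  # simplification: later selectors override
        if accepted:
            out.append(action.strip())
    return out

def printed_by_kernel_console(level, console_loglevel):
    """The kernel itself prints messages numerically below console_loglevel."""
    return LEVELS.index(level) < console_loglevel

# Constructed sample configs modelled on the lines quoted in the thread.
BEFORE = "kern.*\t/dev/console\n*.info;mail.none\t/var/log/messages\n"
AFTER = ("kern.=debug\t/var/log/firewall\n"
         "kern.=warning\t/var/log/firewalladmin\n"
         "*.info;mail.none\t/var/log/messages\n")

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        for lvl in ("info", "debug", "warning"):
            print(name, lvl, destinations(conf, "kern", lvl))
    for n in (7, 1):  # 7 is an assumed starting value; 1 is what `dmesg -n 1` sets
        print("info on console at loglevel", n, printed_by_kernel_console("info", n))
```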