[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Fwd: IPtables logs, coming to *tty and in dmesg

From: Rick Stevens <ricks nerd com>
To: Getting started with Red Hat Linux <redhat-install-list redhat com>
Subject: Re: Fwd: IPtables logs, coming to *tty and in dmesg
Date: Fri, 10 Apr 2009 10:16:57 -0700

alok pandey wrote:

Hi GURUS,
I have configured iptables to log all incoming packets in a separate file at
/var/log location.
which is working fine, but the problem is :
--The logs are displayed to all terminal, dmesg along with the actual file
(i.e /var/log/firewall.log)

My syslog contains :
##DUMP FIREWALL LOG : Added by Firewall Script
kern.warn /var/log/firewall.log
kern.info /var/log/firewall.log


Why two?  Are you using two different levels of logging in iptables?

kern.none  /dev/console



After googling around, i tried to fix this by changing the
/proc/sys/kernel/printk value.
FYI, my system current printk value is "3 4 1 7 "
I have no idea , what these value stands for , but it's not able to save my
dmesg problem.


Unless you know what you're doing, don't screw with things in /proc.
Bad idea.

By default, klogd (the kernel logger) will send any message that has a
priority lower than 7 (DEBUG) to the console and that's why your stuff
is appearing.  If you change your iptables logging to "--log-level=7",
change the /etc/syslog.conf to

	kern.debug	/var/log/firewall.log

and restart the kernel and system loggers ("service syslog restart"),
you should be fine.  If you want to change the level at which klogd
starts sending things to the console, edit /etc/sysconfig/syslog and
add "-c n" to the "KLOGD_OPTIONS" line, e.g.

	KLOGD_OPTIONS="-x -c 5"

This will make klogd only send messages lower than priority 5
(LOG_NOTICE) to the console.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks nerd com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
- A friend said he climbed to the top of Mount Rainier.  My view is  -
-    that if there's no elevator, it must not be that interesting.   -
----------------------------------------------------------------------

References:
- Fwd: IPtables logs, coming to *tty and in dmesg
  - From: alok pandey

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]