[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: iptables excess logging

From: "Lloyd H. Meinholz" <lloyd meinholz bmpcoe org>
To: General Red Hat Linux discussion list <redhat-list redhat com>
Subject: Re: iptables excess logging
Date: Tue, 05 Oct 2004 11:17:04 -0400

Here is a link to a pretty good article on iptables:

<http://www.informit.com/articles/article.asp?p=169573>

It has some good info on logging and limiting it. It helped me quite a
bit.

Lloyd


On Tue, 2004-10-05 at 11:01, menonrr jmu edu wrote:
> Hello Mark,
> 
> Thanks for the advice.
> 
> But now I have a new problem. The syslog logs millions of such
> entries:
> 
> Source and Destination to 127.0.0.1
> 
> Oct  5 10:35:17 nessusClient kernel: INPUT packets:IN=lo OUT=
> MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1
> DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=30292 DF
> PROTO=TCP SPT=631 DPT=34189 WINDOW=32754 RES=0x00 ACK URGP=0 
> 
> Source = various ; Destination to 255.255.255.0
> 
> Oct  5 10:51:09 nessusClient kernel: INPUT eth1 Ext:IN=eth1
> OUT= MAC=ff:ff:ff:ff:ff:ff:00:08:74:ab:0d:27:08:00
> SRC=134.126.21.83 DST=255.255.255.255 LEN=68 TOS=0x00
> PREC=0x00 TTL=128 ID=39383 PROTO=UDP SPT=1226 DPT=7100 LEN=48
>  
> Can you advise how to make the log less cumbersome
> (--log-level?) and not log unnecesary information like traffic
> from 127.0.0.1 or broadcasts?
> 
> I am very thankful.
> 
> Menon

References:
- iptables excess logging
  - From: menonrr

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]