On Wed, Jul 20, 2011 at 9:40 AM, cbulist@gmail.com <cbulist@gmail.com> wrote:
On 7/20/2011 10:18 AM, Keith Roberts wrote:
On Wed, 20 Jul 2011, cbulist@gmail.com wrote:
To: centos@centos.org
From: "cbulist@gmail.com" <cbulist@gmail.com>
Subject: [CentOS] Iptables - flooding console
Hi,
We are trying to track some specific rules using LOG as target. Everything is working well, but the problem is that iptables is flooding the console with LOG messages. We tried --log-level 4 on the iptables rules but it didn't work. We fixed the problem by changing the KLOGD_OPTIONS value in /etc/sysconfig/syslog to: KLOGD_OPTIONS="-c 4"
Is this the best option, or are we missing something?
Thanks in advance
I had this problem as well. The firewall logs were being sent (tailed/tee'd ?) to the console, which is a pain if you are using mc or any other console application.
To fix it on CentOS 5.5/6 I just added the following to the top of the /etc/syslog.conf file.
Deleted these lines as not in use:
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
Replaced with:
# Log all firewall messages to a file.
kern.=debug /var/log/firewall-log
Obviously you need to make sure the firewall log file exists.
-rw-r--r-- keith users 39039 Jul 20 15:24 firewall-log
Kind Regards,
Thanks Keith,
I tried your solution but it didn't work. (man 8 syslogd describes what you said.) First I restored the default value of KLOGD_OPTIONS and restarted the syslog service, but iptables still continues sending the log to the console. I forgot to mention the system info:
CentOS 5.6
[root@server_56 ~]# uname -r
2.6.18-238.el5
[root@server_56 ~]# iptables -V
iptables v1.3.5
Sincerely,
Julio
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
We prevent firewall messages from being logged to the console by setting kernel.printk in sysctl.conf.
kernel.printk = 3 4 1 7
Daniel
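
Added example, not part of the thread: a shell check of which iptables LOG rules would still print on the console for a given kernel.printk value, using the kernel's rule that a message is shown only when its level is numerically lower than the first printk field. The function names and the sample rules are constructed for illustration; a rule without --log-level is treated as level 4 (warning), the LOG target's default.

```shell
#!/bin/bash
# Added example; function names and SAMPLE_RULES are constructed for illustration.

# Map a syslog priority name or number to its numeric level (0-7).
level_num() {
    case "$1" in
        emerg|panic) echo 0 ;; alert) echo 1 ;; crit) echo 2 ;;
        err|error) echo 3 ;; warning|warn) echo 4 ;; notice) echo 5 ;;
        info) echo 6 ;; debug) echo 7 ;;
        [0-7]) echo "$1" ;;
        *) return 1 ;;
    esac
}

# The kernel prints a message on the console only when its level is
# numerically lower than console_loglevel, the first field of kernel.printk.
reaches_console() {  # $1 = message level, $2 = kernel.printk value
    local lvl console
    lvl=$(level_num "$1") || return 2
    console=${2%%[[:space:]]*}
    [ "$lvl" -lt "$console" ]
}

# Read iptables-save output on stdin and print every LOG rule whose messages
# would still reach the console under the given kernel.printk value.
noisy_log_rules() {  # $1 = kernel.printk value
    local line lvl
    while IFS= read -r line; do
        case "$line" in *"-j LOG "*|*"-j LOG") ;; *) continue ;; esac
        lvl=4  # LOG target default (warning) when --log-level is absent
        case "$line" in
            *"--log-level "*) lvl=${line##*--log-level }; lvl=${lvl%% *} ;;
        esac
        reaches_console "$lvl" "$1" && printf '%s\n' "$line"
    done
    return 0
}

# Constructed rules in iptables-save format (not taken from the thread).
SAMPLE_RULES='-A INPUT -p tcp --dport 22 -j LOG --log-prefix "SSH: "
-A INPUT -p icmp -j LOG --log-prefix "ICMP: " --log-level 7
-A INPUT -p tcp --dport 23 -j LOG --log-level 2
-A INPUT -j DROP'

# With the thread's kernel.printk = 3 4 1 7, only the level-2 rule is printed.
printf '%s\n' "$SAMPLE_RULES" | noisy_log_rules "3 4 1 7"
# On a live host: iptables-save | noisy_log_rules "$(cat /proc/sys/kernel/printk)"
```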