On Wed, 2005-05-25 at 13:07, Peter Farrow wrote:
Hi john,
I want to stop it logging to *all* the consoles, and limit it to just one of the virtual consoles if poss, it does log to var/log/messages as well where I run a perl script to check for "naughtiness" so I am covered in that respect, its just a pain with it logging to the console when you want to use the console....
I actually found iptables still logs to the console whatever settings you have in syslogd.conf and /etc/sysconfig/syslog.
I also found iptables still logs to the console even if you kill klogd and syslogd altogether (how bizarre)...
So in the end I modified /etc/sysctl.conf and added this line:
kernel.printk = 3 4 1 7
then did a sysctl -p
and that seems to have done it.... while still logging fully to /var/log/messages
P.
Hi,
you could also modify the log statement of iptables using the options --log-level level Level of logging (numeric or see syslog.conf(5)) --log-prefix prefix Prefix log messages with the specified prefix; up to 29 letters long, and useful for distinguishing messages in the logs.
Use log-level 7 and assign a log-prefix of your choice. The high log-level will already prevent the logs appear on the console with the default dmesg setting of 4.
Then use syslog-ng instead of klogd/syslog to filter the logs on the log-prefix and define a destination to the tty of your choice.