[CentOS] Iptables - flooding console

Wed Jul 20 15:18:21 UTC 2011
Keith Roberts <keith at karsites.net>

On Wed, 20 Jul 2011, cbulist at gmail.com wrote:

> To: centos at centos.org
> From: "cbulist at gmail.com" <cbulist at gmail.com>
> Subject: [CentOS] Iptables - flooding console
> 
> Hi,
>
> We are trying to track some specific rules using LOG as target.
> Everything is working well but the problem is that iptables is flooding
> the console with LOG messages.
> We tried --log level 4 on iptables rules but it didn't work.
> We fixed the problem changing KLOGD_OPTIONS value in
> /etc/sysconfig/syslog to:
> KLOG_OPTIONS="-c 4"
>
> Is it the best option or are we missing something?
>
> Thanks in advance

I had this problem as well. The firewall logs were being 
sent (tailed/tee'd ?) to the console, which is a pain if you 
are using mc or any other console application.

To fix it on CentOS 5.5/6 I just added the following 
to the top of the /etc/syslog.conf file.

Deleted these lines as not in use:

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                       /dev/console


Replaced with:
# Log all firewall messages to a file.
kern.=debug      /var/log/firewall-log

Obviously you need to make sure the firewall log file 
exists.

-rw-r--r--  keith  users    39039 Jul 20 15:24 firewall-log

Kind Regards,

Keith Roberts
-----------------------------------------------------------------
Websites:
http://www.karsites.net
http://www.php-debuggers.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-----------------------------------------------------------------
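
Added example, not part of the original thread: a small model of sysklogd selector matching and the `klogd -c` console threshold, run over constructed kernel log lines, to show which LOG messages the two syslog.conf variants above actually catch. The function names, the `FW-DROP: ` prefix and the sample lines are assumptions made for illustration.

```python
import re

# syslog priority names; list index = numeric level (0 is most severe)
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def selector_matches(selector, facility, level):
    """Match one sysklogd 'facility.priority' selector against a message."""
    fac, prio = selector.split(".", 1)
    if fac not in ("*", facility) or prio == "none":
        return False
    if prio == "*":
        return True
    negate = prio.startswith("!")
    prio = prio.lstrip("!")
    exact = prio.startswith("=")          # '=debug' means that level only
    want = LEVELS.index(prio.lstrip("="))
    # a plain priority name matches that level and everything more severe
    hit = (level == want) if exact else (level <= want)
    return hit != negate

def route(kmsg_line, rules, console_loglevel):
    """Destinations for one raw kernel line such as '<7>FW-DROP: IN=eth0 ...'."""
    m = re.match(r"<([0-7])>", kmsg_line)
    if not m:
        raise ValueError("no <level> prefix")
    level = int(m.group(1))
    dests = [dest for sel, dest in rules if selector_matches(sel, "kern", level)]
    # klogd -c N: the kernel itself prints to the console only when level < N
    if level < console_loglevel:
        dests.append("console (kernel printk)")
    return dests

# The two syslog.conf variants from the thread (other lines of the file omitted)
BEFORE = [("kern.*", "/dev/console")]
AFTER = [("kern.=debug", "/var/log/firewall-log")]

# Constructed sample lines; "FW-DROP: " is a hypothetical --log-prefix value
AT_DEBUG = "<7>FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=23"
AT_WARNING = "<4>FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=23"

if __name__ == "__main__":
    for line in (AT_DEBUG, AT_WARNING):
        for name, rules in (("before", BEFORE), ("after", AFTER)):
            print(line[:3], name, route(line, rules, console_loglevel=4))
```

With `kern.=debug`, a LOG rule left at iptables' default level (warning) reaches neither the firewall file nor, under `-c 4`, the console; the rule needs `--log-level debug` (or 7) for the file to fill.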