[CentOS] Iptables - flooding console

Wed Jul 20 17:41:45 UTC 2011
Daniel DeFreez <defreezda at sou.edu>

On Wed, Jul 20, 2011 at 9:40 AM, cbulist at gmail.com <cbulist at gmail.com> wrote:

>
>
> On 7/20/2011 10:18 AM, Keith Roberts wrote:
> > On Wed, 20 Jul 2011, cbulist at gmail.com wrote:
> >
> >> To: centos at centos.org
> >> From: "cbulist at gmail.com"<cbulist at gmail.com>
> >> Subject: [CentOS] Iptables - flooding console
> >>
> >> Hi,
> >>
> >> We are trying to track some specific rules using LOG as target.
> >> Everything is working well but the problem is that iptables is flooding
> >> the console with LOG messages.
> >> We tried --log level 4 on iptables rules but it didn't work.
> >> We fixed the problem by changing the KLOGD_OPTIONS value in
> >> /etc/sysconfig/syslog to:
> >> KLOG_OPTIONS="-c 4"
> >>
> >> Is it the best option or are we missing something?
> >>
> >> Thanks in advance
> > I had this problem as well. The firewall logs were being
> > sent (tailed/tee'd ?) to the console, which is a pain if you
> > are using mc or any other console application.
> >
> > To fix it on CentOS 5.5/6 I just added the following
> > to the top of the /etc/syslog.conf file.
> >
> > Deleted these lines as not in use:
> >
> > # Log all kernel messages to the console.
> > # Logging much else clutters up the screen.
> > #kern.*                       /dev/console
> >
> >
> > Replaced with:
> > # Log all firewall messages to a file.
> > kern.=debug      /var/log/firewall-log
> >
> > Obviously you need to make sure the firewall log file
> > exists
> >
> > -rw-r--r--  keith  users    39039 Jul 20 15:24 firewall-log
> >
> > Kind Regards,
> >
> Thanks Keith,
>
> I tried your solution but it didn't work. (man 8 syslogd describes what
> you said)
> First I restored the default value of KLOG_OPTIONS and restarted the
> syslog service, but iptables still continues sending the log to the
> console.
> I forgot to mention the system info:
>
> CentOS 5.6
>
> [root at server_56 ~]# uname -r
> 2.6.18-238.el5
> [root at server_56 ~]# iptables -V
> iptables v1.3.5
>
> Sincerely,
>
> Julio
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

We prevent firewall messages from being logged to the console by setting
kernel.printk in sysctl.conf.

kernel.printk = 3 4 1 7

Daniel
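
The effect of the kernel.printk setting above on iptables LOG rules, as an added example that is not part of the original post. It assumes the first kernel.printk field is console_loglevel and that the LOG target defaults to level warning (4); the function names and sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: which iptables LOG rules print on the console for a given
# kernel.printk value? Sample rules below are constructed for illustration.

# Map a syslog level name or number to its numeric value (0-7).
level_num() {
    case "$1" in
        0|emerg|panic) echo 0 ;; 1|alert) echo 1 ;; 2|crit) echo 2 ;;
        3|err|error) echo 3 ;; 4|warning|warn) echo 4 ;; 5|notice) echo 5 ;;
        6|info) echo 6 ;; 7|debug) echo 7 ;;
        *) return 1 ;;
    esac
}

# reaches_console "<printk values>" <level>
# The first printk field is console_loglevel: the kernel prints a message on
# the console only if its level is numerically lower than that value.
reaches_console() {
    console_loglevel=${1%%[!0-9]*}
    lvl=$(level_num "$2") || return 2
    [ "$lvl" -lt "$console_loglevel" ]
}

# audit_rules "<printk values>": read iptables rule lines on stdin and
# print each LOG rule whose messages would reach the console.
audit_rules() {
    printk=$1
    while IFS= read -r rule; do
        case "$rule" in *"-j LOG"*) ;; *) continue ;; esac
        level=warning   # LOG target default when --log-level is absent
        case "$rule" in
            *"--log-level "*) level=${rule#*--log-level }; level=${level%% *} ;;
        esac
        if reaches_console "$printk" "$level"; then echo "CONSOLE: $rule"; fi
    done
}

SAMPLE_RULES='-A INPUT -p tcp --dport 22 -j LOG --log-prefix "SSH: "
-A INPUT -p icmp -j LOG --log-level 7 --log-prefix "ICMP: "
-A INPUT -p tcp --dport 23 -j LOG --log-level crit
-A INPUT -j DROP'

# With console_loglevel 3 (the value from the post) only the crit rule prints.
printf '%s\n' "$SAMPLE_RULES" | audit_rules "3 4 1 7"
```

To check a live system, pass the contents of /proc/sys/kernel/printk as the first argument and feed the rule lines on stdin.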