At 01:04 PM 12/4/02, you wrote:
I run iptables firewall on all my servers, everything works great except all of the dropped packet messages show up on my console. My syslog.conf files states theIf the messages are being printed to the console then the priority of the kernel message is too high. The lower the priority number the higher the priority. Giving klogd the -c 4 flag will cause all kernel messages with a priority < 4 to be displayed on the console.
following:
kern.* /var/log/kernel
Subsequently, all of my iptables messages get logged to /var/log/kernel, as well as to the console. I use SSH to access my boxes, so the console logging does not
bother me as much. In any event that I am actually at the console, however, it proves to be a hinderance. I've looked on google and have found a couple of
solutions, namely this one, which I have implemented:
run klogd with the following options: -c 4 -2
This does not appear to work, either. Any suggestions?
You can set your log level in your iptables command.
/sbin/iptables -A ping-flood -m limit --limit-burst 1 -j LOG --log-level 5 --log-prefix "Ping
flood: "
now if klogd is run with -c 4 my ping flood logs will not be displayed to the console.
--
Mark Lane
Hard Data Ltd.
mailto:[EMAIL PROTECTED]
Telephone: 01-780-456-9771
FAX: 01-780-456-9772
11060 - 166 Avenue
Edmonton, AB, Canada
T5X 1Y3
http://www.harddata.com/
--> Ask me about our Affordable Alpha Systems! <--
BEGIN:VCARD VERSION:2.1 N:Lane;Mark FN:Mark Lane ORG:Hard Data Ltd. TITLE:Sales TEL;WORK;BUSINESS:780-456-9771 TEL;WORK;VOICE:780-456-9771 TEL;WORK;FAX:780-456-9772 ADR;WORK:;;11060 - 166 Avenue;Edmonton;AB;T5X1Y3;Canada LABEL;WORK;ENCODING=QUOTED-PRINTABLE:11060-166 Avenue=0D=0AEdmonton, AB T5X1Y3=0D=0ACanada URL;WORK:http://www.harddata.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010222T231737Z END:VCARD
