On Dec 18, 2006, at 9:47 PM, Rick Shelton wrote: > On 12/18/06, Arden <[EMAIL PROTECTED]> wrote: >> After installing iptables and the personal firewall script, from >> blfs- >> book-cvs-html-2006-10-14, the console starts filling with output. >> About every 25 seconds or so, the screen fills with messages from the >> router. >> >> How do I keep the log FIREWALL:INPUT from displaying this? >> >> -from the network firewall script /etc/rc.d/rc.iptables >> # Log everything else. What's Windows' latest exploitable >> vulnerability? >> iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " >> >> thanks, Arden > > This bothered me, also. > The trouble comes from the linux kernel's logging facility. > I think the default log level is 7, so messages with a higher > priority level > ( less than 7 ) get logged to the console. Unfortunately, the > default of 7 > is the lowest priority level. I took two measures to turn off > console logging. > > modify the klogd startup line in /etc/rc.d/init.d/sysklogd > so that the default console log level is not the lowest. > I used 4. > > loadproc klogd -c 4 > > also, modify the iptables log rule to use a log-level of lower > priority > (higher number) than the console. I chose 5. Others choose 6. > > iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " --log-level 5 > > I believe FreeBSD logs all console messages to one particular console, > which is a nice trick, and something I should work to figure out. > > ~rick
Thanks Rick, it works for me and your explanation filled a gap in my knowledge. Arden -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
