> Hi all! 'Forgive me for the title..' > > Is it normal for netfilter to add the 'so called -j LOG' to dmesg? > Netfilter logs to /var/log/messages, so how come when i type 'dmesg' in a terminal > i see debug and netfilter messages attached at the end? > > Is this normal?
Yes, totally normal. dmesg gives you a look at the window of memory that the kernel uses to communicate the "printk" kernel messages to the userlevel syslogd (really klogd) process. So with dmesg, you always see the last N lines sent by the kernel to syslogd. That's simply what dmesg is there for: debug that mechanism. Nothing to be afraid about. An 'strace' on the syslog process would show you exactly what is happening. It has nothing to do with netfilter/iptables. best regards Patrick
