On 2007-01-17 17:40, Greg Wallace wrote:
> On Wednesday, January 17, 2007 @ 4:30 PM, Darryl Gregorash wrote:
>
>
>> On 2007-01-17 15:24, Greg Wallace wrote:
>>
>> <snip>
>>>
>>> Linux kernel: SFW2-IN-ACC-RELATED IN eth0
>>> ^^^
>>>
>
>
>> This is firewall logging. Why it is in /var/log/messages is a mystery,
I may have found it. Try this:
grep SFW2 /var/log/messages | grep IN=
Then this:
grep IN= /etc/syslog-ng/syslog-ng.conf.in
The second command will probably output a line like this:
filter f_iptables { facility(kern) and match("IN=") and match("OUT="); };
However, in the log entry you posted, the text is "IN", not "IN=". No
match, so subsequent rules dump the entry to /var/log/messages. This is
possibly a bug in the iptables logging module, ipt_LOG, for that kernel
version.
BTW, what is the result of this:
ls -l /var/log/firewall
If it is zero size, or doesn't exist at all, you can just edit
/etc/syslog-ng/syslog-ng.conf.in to read "IN " vs. "IN=", run
'SuSEconfig --module syslog-ng', and carry on (until the hiccup is
fixed, then you'd have to reverse the change :-) ). Note: edit the
.conf.in file, not the .conf file, or you will lose the changes when
suseconfig is run.
--
The best way to accelerate a computer running Windows is at 9.81 m/s²
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
