Tom Eastep wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Scott Ackerman wrote:
I realize that this is probably a pathetically simple issue but..... I
am running Shorewall 4.4.2.2 on a CentOS 5.3 64-bit box. I have read the
FAQ on this subject and I can't find any loglevels that are anything but
'info'. The output of 'cat /proc/sys/kernel/printk' is '6 4 1 7' so that
shouldn't be causing the problem either, nevertheless I am getting a lot
of Shorewall n2fw messages originating from 'net' to '$FW' that are
appearing on the console. sysctl.conf is showing that only kernel
messages are written to '/dev/console'.
Well, Netfilter message *are kernel messages*.
Beyond that, I don't know what to tell you:
[r...@centos shorewall]# cat /etc/redhat-release
CentOS release 5.3 (Final)
[r...@centos shorewall]# cat /proc/sys/kernel/printk
6 4 1 7
[r...@centos shorewall]# shorewall show log
Shorewall 4.4.2.3 Log (/var/log/messages) at centos.shorewall.net - Wed
Oct 21 15:54:05 PDT 2009
Counters reset Wed Oct 21 15:49:36 PDT 2009
Oct 21 15:50:03 net2fw:DROP:IN=eth0 OUT= SRC=172.20.1.254
DST=172.20.1.136 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=27458 DF PROTO=TCP
SPT=33048 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 21 15:50:06 net2fw:DROP:IN=eth0 OUT= SRC=172.20.1.254
DST=172.20.1.136 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=27459 DF PROTO=TCP
SPT=33048 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
[r...@centos shorewall]#
Yet no messages appeared on the console.
Maybe someone who is more familiar with CentOS/RHEL5 releases can be of
more help.
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/
iD8DBQFK35JqO/MAbZfjDLIRAiEgAKCLKiKUUhKyGrs8PEwZCU1gFJ1E4ACfcBDJ
pPqmNidn54/8x70s+v/drfI=
=UnnI
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Something with selinux maybe? That wonderful service always seems to
cause more problems than it fixes.
The unofficial selinux faq recommends 7 7 1 7 to shut off console messages
Does dmesg -n 1 stop it?
Are you running auditd?
http://www.crypt.gen.nz/selinux/faq.html#L.1
--
Keith Mitchell
CTO
Productivity Associates, Inc.
5625 Ruffin Rd STE 220
San Diego, CA 92123
858-495-3528 (Direct)
858-495-3540 (Fax)
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
