[PLUG] Testing iptables rules
Charles Sliger
chaz at bctonline.com
Mon Mar 6 17:46:22 UTC 2006
-----Original Message-----
From: plug-bounces at lists.pdxlinux.org
[mailto:plug-bounces at lists.pdxlinux.org] On Behalf Of
plug_0 at robinson-west.com
Sent: Saturday, March 04, 2006 2:41 PM
To: General Linux/UNIX discussion and help; civil and on-topic
Subject: RE: [PLUG] Testing iptables rules
Quoting Charles Sliger <chaz at bctonline.com>:
> -----Original Message-----
> From: plug-bounces at lists.pdxlinux.org
> [mailto:plug-bounces at lists.pdxlinux.org] On Behalf Of
> plug_0 at robinson-west.com
> Sent: Wednesday, March 01, 2006 9:31 PM
> To: General Linux/UNIX discussion and help; civil and on-topic
> Subject: Re: [PLUG] Testing iptables rules
>
> Using iptables -A INPUT -j LOG --log-prefix="...: " seems to help.
> Except for one major headache on my Fedora Core 3 system, undesired
> logging to the console. Nothing like trying to vim in one Xterm
> while you watch /var/log/messages on another only to have the
> messages muddy up your editing window. I could use good
> documentation on how to prevent logging to the screen for
> Redhat and Fedora systems. I don't know if this happens a lot
> because of bugs or if there is a simple change that can be done
> to syslog.conf. Maybe the kernel logger is to blame, but where
> is the kernel logger's config file??? This problem doesn't seem
> to really be distro specific.
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
> _______________________________________________
>
> [chaz> ] Mike,
> Yes, klogd is the culprit. Make the following config change:
>
> /etc/sysconfig/syslog
> KLOGD_OPTIONS="-x -c 3"
> Sets the default console log level to 3 (ERR).
> This stops iptables log messages from being displayed on the console.
> Regards,
> Chaz
> Charles L. Sliger, Information Systems Engineer, chaz at bctonline.com
> "No matter where you go, there you are..."
> _______________________________________________
Looked at klogd man page, says that the definition of the error
levels is in kernel.h. Well, these aren't under
/usr/include/linux/kernel.h on my Redhat 7.3 system.
Odd.
I could just say anything higher than level 3 and call it good...
Michael C. Robinson
-------------------------------------------------
[chaz> ]
I'm not that familiar with RH-7.3
It might be substantially different from RH-9 or CenOS 4.2
I'd still suspect klogd though...
-chaz
More information about the PLUG
mailing list