https://jira.sw.ru/browse/PSBM-54183
With these patches, iptables LOG is printed into CT's dmesg buffer. Yet it doesn't show in /var/log/messages and I believe the reason is the absence of /dev/kmsg in CT (and rsyslog doesn't do redirection for log entries thou). Dev kmsg is virtualized, so looks like nothing prevents adding it to libvzctl list of devtmpfs devices: https://github.com/OpenVZ/libvzctl/blob/55ebf21b03d408f0faaaecaab08b74eb2dce0e70/lib/env.c#L614 Also it should fix follow-log for `dmesg -w`. These patches make iptables LOG visible in CT's `dmesg`. Dmitry Safonov (3): ve/printk: add ve_log_printk() for log in !current->task_ve netfilter: rectify nflog inside CT netfilter: rectify ebtlog inside CT include/linux/printk.h | 7 +++++++ include/net/netfilter/nf_log.h | 2 +- kernel/printk.c | 16 ++++++++++++++++ net/bridge/netfilter/ebt_log.c | 35 ++++++++++++++++------------------- net/ipv4/netfilter/nf_log_ipv4.c | 6 +----- net/ipv6/netfilter/nf_log_ipv6.c | 6 +----- net/netfilter/nf_log.c | 4 ++-- 7 files changed, 44 insertions(+), 32 deletions(-) -- 2.11.0 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel