On 12/18/06, Arden <[EMAIL PROTECTED]> wrote:
> After installing iptables and the personal firewall script, from
> blfs-book-cvs-html-2006-10-14, the console starts filling with output.
> About every 25 seconds or so, the screen fills with messages from the
> router.
>
> How do I keep the log FIREWALL:INPUT from displaying this?
>
> -from the network firewall script /etc/rc.d/rc.iptables
> # Log everything else. What's Windows' latest exploitable vulnerability?
> iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
>
> thanks, Arden

This bothered me, also.
The trouble comes from the Linux kernel's logging facility.
I think the default log level is 7, so messages with a higher priority level
(less than 7) get logged to the console. Unfortunately, the default of 7
is the lowest priority level. I took two measures to turn off console logging.

Modify the klogd startup line in /etc/rc.d/init.d/sysklogd
so that the default console log level is not the lowest.
I used 4.

loadproc klogd -c 4

Also, modify the iptables log rule to use a log-level of lower priority
(higher number) than the console. I chose 5. Others choose 6.

iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " --log-level 5

I believe FreeBSD logs all console messages to one particular console,
which is a nice trick, and something I should work to figure out.

~rick
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
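
An added example, not part of either poster's message: a shell check of which LOG rules would still print on the console for a given console log level. The function names and the sample lines other than the two LOG rules quoted in the thread are constructed. It assumes the kernel's rule that a message appears on the console when its level is numerically lower than the console log level, and that the LOG target uses level 4 (warning) when --log-level is not given.

```shell
# Added example. The kernel shows a message on the console when its level
# is numerically lower than the console log level (set by "klogd -c N").

# Map a syslog level name or number to its number (0=emerg ... 7=debug).
level_num() {
    case "$1" in
        [0-7]) echo "$1" ;;
        emerg|panic) echo 0 ;;
        alert) echo 1 ;;
        crit) echo 2 ;;
        err|error) echo 3 ;;
        warning|warn) echo 4 ;;
        notice) echo 5 ;;
        info) echo 6 ;;
        debug) echo 7 ;;
        *) echo "unknown level: $1" >&2; return 1 ;;
    esac
}

# Read iptables rule lines on stdin and print every LOG rule whose
# messages would appear on a console whose log level is $1.
rules_reaching_console() {
    console=$1
    while IFS= read -r line; do
        case "$line" in *"-j LOG "*|*"-j LOG") ;; *) continue ;; esac
        lvl=4   # LOG target default (warning) when --log-level is absent
        prefix=
        case "$line" in *"--log-level "*)
            lvl=${line#*--log-level }
            lvl=$(level_num "${lvl%% *}") || continue ;;
        esac
        case "$line" in *"--log-prefix \""*)
            prefix=${line#*--log-prefix \"}
            prefix=${prefix%%\"*} ;;
        esac
        [ "$lvl" -lt "$console" ] && echo "level=$lvl prefix=[$prefix]"
    done
    return 0
}

# Constructed sample: the two LOG rules from this thread plus two made-up lines.
sample_rules() {
    cat <<'EOF'
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " --log-level 5
iptables -A OUTPUT -j LOG --log-prefix "FIREWALL:OUTPUT " --log-level info
EOF
}
```

On a live system, pipe the output of `iptables -S` into `rules_reaching_console` and pass the first field of /proc/sys/kernel/printk as the console level.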
