On Sat, 5 Oct 2002 21:41:28 +0200 (CEST), Jean Francois Ortolo wrote:
> After reading the klogd man, I see the default limit level value is
> 7. Klogd makes all logging messages below this limit appear to the
> console.
>
> At first, it seemed to me this was the level number I could use
> for the '--log-level level' parameter of the LOG target.
>
> However, there were no further log messages in my /var/log/messages
> afterwards. So I decided to check all possible numbers from 5 to 7.
>
> Hups! At level 5, I have been getting some messages on the screen
> yet. Time to increase the level number.
>
> I'll get the right number soon, I hope.
>
It seems you have misunderstood it. Read "man syslog.conf" on what gets logged via syslogd and how you can control it. If you choose a '--log-level level' which is not covered by /etc/syslog.conf, the netfilter LOG target won't log anything in /var/log/messages, e.g. for "--log-level debug".

The numerical log priorities are as follows:

emerg (panic) = 0
alert = 1
crit = 2
err (error) = 3
warn (warning) = 4
notice = 5
info = 6
debug = 7

If you don't want klogd to copy some log messages onto the console, you could add an appropriate option "-c level" to /etc/sysconfig/syslog and run "service syslog restart". By default it logs priorities "info" to "emerg". You could change it to "-c 6" and use "--log-level info" for your iptables script.
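
The point above about a '--log-level' that /etc/syslog.conf does not cover, as an added example that is not part of the original thread: a Python check that evaluates sysklogd-style selectors and reports which destinations receive messages of facility "kern" (the facility kernel messages, including those from the LOG target, arrive under) at a given priority. The sample syslog.conf, the path /var/log/firewall-debug and the function names are constructed for illustration.

```python
# Priority names and numbers as listed in the reply above.
PRIORITIES = {"emerg": 0, "panic": 0, "alert": 1, "crit": 2, "err": 3,
              "error": 3, "warn": 4, "warning": 4, "notice": 5,
              "info": 6, "debug": 7}

# Constructed sample syslog.conf (hypothetical, not taken from the thread).
SAMPLE_CONF = """\
#kern.*                              /dev/console
*.info;mail.none;authpriv.none       /var/log/messages
authpriv.*                           /var/log/secure
kern.=debug                          /var/log/firewall-debug
"""

def selector_matches(selector, facility, level):
    """sysklogd selector rules; later ';' parts override earlier ones."""
    matched = False
    for part in selector.split(";"):
        facs, _, prio = part.strip().partition(".")
        if facs != "*" and facility not in facs.split(","):
            continue
        if prio == "none":             # facility.none excludes the facility
            matched = False
            continue
        # '!' removes the matched priorities, '=' means this priority only.
        negate, prio = prio.startswith("!"), prio.lstrip("!")
        exact, prio = prio.startswith("="), prio.lstrip("=")
        want = None if prio == "*" else PRIORITIES[prio]
        # A plain name matches that priority and everything more severe.
        hit = prio == "*" or (level == want if exact else level <= want)
        matched = (matched and not hit) if negate else (matched or hit)
    return matched

def destinations(conf_text, facility, priority):
    """Return the actions that would receive facility.priority messages."""
    level = PRIORITIES[priority]
    found = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector, action = line.split(None, 1)
        if selector_matches(selector, facility, level):
            found.append(action.strip())
    return found

if __name__ == "__main__":
    for name in ("info", "debug"):
        print(name, destinations(SAMPLE_CONF, "kern", name))
```

With this sample, kern.info lands in /var/log/messages while kern.debug only reaches the file that names it explicitly, which is the situation the reply describes for "--log-level debug".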
