Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to
LinuxQuestions.org , a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free.
Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please
contact us . If you need to reset your password,
click here .
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a
virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month.
Click here for more info.
08-04-2006, 07:39 AM
#1
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Rep:
'dmesg' throws up garbage
I connect thru PPPOE! And I've set up my INET connection with 'pppoeconf'
But now when the PPP connection is established the DMESG log gets polluted with this:
Code:
[17181159.676000] Inbound IN=ppp0 OUT= MAC= SRC=221.209.110.45 DST=193.95.194.241 LEN=486 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=UDP SPT=49308 DPT=1027 LEN=466
[17181165.412000] Inbound IN=ppp0 OUT= MAC= SRC=200.88.50.148 DST=193.95.194.241 LEN=90 TOS=0x00 PREC=0x00 TTL=108 ID=21511 PROTO=UDP SPT=16988 DPT=32768 LEN=70
[17181186.240000] Inbound IN=ppp0 OUT= MAC= SRC=193.95.200.216 DST=193.95.194.241 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=12455 DF PROTO=TCP SPT=4075 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
[17181189.232000] Inbound IN=ppp0 OUT= MAC= SRC=193.95.200.216 DST=193.95.194.241 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=12727 DF PROTO=TCP SPT=4075 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
How to I disable PPPOE writting to DMESG?
Its very annyoing since I cant view the messeages now anymore!! And I have observed the same behavior on 2 computers!!!
Code:
ifconfig
##4 my lan
eth0 Link encap:Ethernet HWaddr 00:08:A1:75:1C:87
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::208:a1ff:fe75:1c87/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:252 errors:0 dropped:0 overruns:0 frame:0
TX packets:157 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:23144 (22.6 KiB) TX bytes:22295 (21.7 KiB)
Interrupt:10 Base address:0xe400
##4 PPPOE connetion
eth1 Link encap:Ethernet HWaddr 00:08:A1:0E:0A:F9
inet6 addr: fe80::208:a1ff:fe0e:af9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28358 errors:0 dropped:0 overruns:0 frame:0
TX packets:22131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25787865 (24.5 MiB) TX bytes:2887201 (2.7 MiB)
Interrupt:3 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:50 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3636 (3.5 KiB) TX bytes:3636 (3.5 KiB)
### The PPPOE connection
ppp0 Link encap:Point-to-Point Protocol
inet addr:193.77.18.15 P-t-P:213.250.19.90 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:27803 errors:0 dropped:0 overruns:0 frame:0
TX packets:21717 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:25102751 (23.9 MiB) TX bytes:2396808 (2.2 MiB)
Using UBUNTU DAPPER
Last edited by Ashrack; 08-04-2006 at 07:40 AM .
08-04-2006, 09:38 AM
#3
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
How do I check my IPTABLES rule?
And also I checked that link but I still havent a clue what to do?
08-04-2006, 09:54 AM
#4
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
do iptables-save to list them out.
The link depends on whether you have any -j LOG rules or not.
08-04-2006, 10:28 AM
#5
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
here's my output:
Code:
tom@ashrack:~$ sudo iptables-save |grep 'log'
-A INPUT -j LOG --log-prefix "Unknown Input" --log-level 6
-A FORWARD -j LOG --log-prefix "Unknown Forward" --log-level 6
-A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -m limit --limit 5/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSO -m limit --limit 5/sec -j LOG --log-prefix "Outbound " --log-level 6
-A OUTPUT -j LOG --log-prefix "Unknown Output" --log-level 6
so what to do now? I've read your link but Im no closer to a sollution
Last edited by Ashrack; 08-04-2006 at 10:31 AM .
08-04-2006, 11:19 AM
#6
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
Basically you need to install ulogd, make the changes to it's config file, make the changes to the /etc/logrotate.d/ulogd file, and change some iptables rules as per the link.
08-04-2006, 12:55 PM
#7
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
I did all of that! And after that I restarted /etc/init.d/ulogd
But in 'dmesg' I still get the netlink packets!
Probably I should restart it right, but is there a way I can achieve this without restarting it, since 5PCs are curently connected to this machine since this machine is responsible for ICS,DHCP,FileServer
Last edited by Ashrack; 08-04-2006 at 12:57 PM .
08-04-2006, 02:29 PM
#8
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
What are your iptables rules using now?
-j ULOG --ulog-nlgroup x --ulog-prefix xxx ??
08-05-2006, 04:39 AM
#9
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
I restarted the server hoping it will work but I still get the same garbage in 'dmesg'
And heres the new output:
Code:
tom@ashrack:~$ sudo iptables-save |grep 'log'
-A INPUT -j LOG --log-prefix "Unknown Input" --log-level 6
-A FORWARD -j LOG --log-prefix "Unknown Forward" --log-level 6
-A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSI -m limit --limit 5/sec -j LOG --log-prefix "Inbound " --log-level 6
-A LSO -m limit --limit 5/sec -j LOG --log-prefix "Outbound " --log-level 6
-A OUTPUT -j LOG --log-prefix "Unknown Output" --log-level 6
Hope this is what U want, cos I didnt quite understand what U meant with:
Quote:
What are your iptables rules using now?
-j ULOG --ulog-nlgroup x --ulog-prefix xxx ??
*edit:upon further examination I found that I dont have /proc/kmesg but instead its /proc/kmsg*
Could that be the problem++
Last edited by Ashrack; 08-05-2006 at 02:38 PM .
08-05-2006, 05:46 PM
#10
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
Ok, don't do sudo iptables-save |grep 'log'
Just do iptables-save..
Any rules with -j LOG need to be changed to the suggested -j ULOG style.
I don't recognise the rules style, so I can't say where they are saved/stored..
08-05-2006, 05:53 PM
#11
LQ Newbie
Registered: Jun 2004
Posts: 14
Rep:
Try to configure your firewall script.
deVas
08-06-2006, 04:00 AM
#12
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
Quote:
Originally Posted by deVas
Try to configure your firewall script.
deVas
Am using FIRESTARTER! Where do I change the scripts then??
08-06-2006, 04:02 AM
#13
Member
Registered: Oct 2005
Distribution: Ubuntu - Edgy Eft
Posts: 173
Original Poster
Rep:
Quote:
Originally Posted by peter_robb
Ok, don't do sudo iptables-save |grep 'log'
Just do iptables-save..
Any rules with -j LOG need to be changed to the suggested -j ULOG style.
I don't recognise the rules style, so I can't say where they are saved/stored..
When doing 'sudo iptable-save'
THere are a lot of '-j LOG' but none -j ULOG style.
What to do now?
08-06-2006, 11:30 AM
#14
LQ Newbie
Registered: Jun 2004
Posts: 14
Rep:
I assume the firewall (script) put the iptables rules, so to be consitent with the firewall script (which will override your manual settings on every boot) change the firewall configuration.
Type
, try
Code:
zless /usr/share/docs/firestarter/README
or the www.
devas
08-07-2006, 12:22 PM
#15
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
I'm not too sure Firestarter knows about the ULOG target..
Time to check!
All times are GMT -5. The time now is 07:25 AM .
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know .
Latest Threads
LQ News