iptables and stdout... god, I hate this!

TheIrish · 11-11-2003, 09:24 AM

Hi guys! Easy and quick question!
I set some rules in iptables script for doing some logging (notice level).
I added the following line in syslog.conf:
kern.notice /var/log/ipt.log
so I thought, we're ready for rock'n'roll... it works, alright, but why the hell it keeps sending its logs to the standard output too?
Maybe I'm idiot, but I can't find out.
Thanks!

unSpawn · 11-11-2003, 04:49 PM

Maybe check "egrep /etc/syslog.conf -e "^kern.*(cons|tty|std)""

markus1982 · 11-12-2003, 05:13 AM

I also have the same problem and did not find a solution yet so I'm looking forward for a solution. My syslog.conf looks like:

Code:

#  /etc/syslog.conf	Configuration file for syslogd.
#
#			For more information see syslog.conf(5)
#			manpage.


# --------------------------------------------------------------------
# logging by priority
# --------------------------------------------------------------------
*.=crit				/var/log/critical.log
*.=emerg			/var/log/emergency.log
*.=err				/var/log/error.log
*.=info;\
	cron.none;\
	kern.none;\
	mail.none;		/var/log/info.log
# --------------------------------------------------------------------



# --------------------------------------------------------------------
# logging by facility
# --------------------------------------------------------------------
auth,authpriv.*			/var/log/auth.log
cron.*				-/var/log/cron.log
daemon.*			-/var/log/daemon.log
kern.=info			-/var/log/kern.info
kern.*;kern.!=info;		-/var/log/kern.log
lpr.*				-/var/log/lpr.log
mail.*				-/var/log/mail.log
news.crit			/var/log/news/news.crit
news.err			/var/log/news/news.err
news.notice			-/var/log/news/news.notice
user.*				-/var/log/user.log
uucp.*				-/var/log/uucp.log
# --------------------------------------------------------------------



# --------------------------------------------------------------------
# logging to the virtual consoles (= display)
# --------------------------------------------------------------------
daemon,mail.*;\
	news.=crit;news.=err;news.=notice;\
	*.=debug;*.=info;\
	*.=notice;*.=warn	/dev/tty8
# --------------------------------------------------------------------

TheIrish · 11-12-2003, 10:09 AM

Unluckly, nothing should be going to any terminal... who knows...

repe · 11-13-2003, 02:28 AM

Quote:

# --------------------------------------------------------------------
# logging to the virtual consoles (= display)
# --------------------------------------------------------------------
daemon,mail.*;\
news.=crit;news.=err;news.=notice;\
*.=debug;*.=info;\
*.=notice;*.=warn /dev/tty8
# --------------------------------------------------------------------

unSpawn · 11-17-2003, 10:11 AM

Just thought of it, it's prolly the loglevel, as in syslog "facility.level".
If you've got magic sysrq keys, try "ALT+SYSRQ+5" and see if that goes away, or try adjusting the firewall scripts logrules with a different loglevel.