LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   IPtables logs, coming to *tty and in dmesg (https://www.linuxquestions.org/questions/linux-software-2/iptables-logs-coming-to-%2Atty-and-in-dmesg-709342/)

alok.rhct 03-05-2009 05:42 AM
IPtables logs, coming to *tty and in dmesg
 
Hi GURUS,
I have configured iptables to log all incoming packets in a separate file at /var/log location.
which is working fine, but the problem is :
--The logs are displayed to all terminal , dmesg along with the actual file (i.e /var/log/firewall.log)

My syslog contains :
##DUMP FIREWALL LOG : Added by Firewall Script
kern.warn /var/log/firewall.log
kern.info /var/log/firewall.log

I come to know about dmesg LEVEL , using which , firewall messages can be avoided on dmesg, but have no idea about how to use it.
So it will be great help if any one can help me in fixing this issue (with dmesg /or any other way), also if possible , provide me some link , so that I can get full information about these Dmesg LEVELS. (what are the different level and how to use it ??).

After googling around, i tried to fix this by changing the /proc/sys/kernel/printk value.
FYI, my system current printk value is "3 4 1 7 "
I have no idea , what these value stands for , but it's not able to save my dmesg problem.

Thanks in advance for your suggestions.

unSpawn 03-05-2009 05:59 PM
Quote:
Originally Posted by alok.rhct (Post 3465613)
I come to know about dmesg LEVEL , using which , firewall messages can be avoided on dmesg, but have no idea about how to use it. (..) get full information about these Dmesg LEVELS.
Check 'man dmesg' (usage) which leads to 'man 8 syslogd' (syslog daemon nfo) which leads to 'man 3 syslog' (facility/priority) and 'man 2 syslog' (loglevel aka facility listing). You'll find using 'dmesg' is like 'dmesg -n n' where n is a facility between 0 and 7.

alok.rhct 04-02-2009 01:35 AM
Thanks for your suggestion but still i am not able to fix it and need help !
Problem is when ever I try to enable log option (with level warn and redirect it to file in syslog.conf [as keren.warn filename]), it start logging to file as well as on screen/terminal, due to which my system accessibility get suffered.
Is there any way to fix it , so that log msg go only to mentioned file not to screen or dmesg.

I am in dark and need some light to fix it.

Thanks for your help in advance
alok

unSpawn 04-02-2009 02:16 AM
Please post what you tried (actual commands) and contents of syslog.conf?

alok.rhct 04-02-2009 04:37 AM
HI,
Below are the steps I followed to log iprules;
-- Enable iptables log by
: iptables -I INPUT 1 -p tcp -s x.x.x.x -i eth0 -j LOG --log-prefix CH-IN: ALL tcp packets --log-level warn
--Setup syslog to log this to file at /var/log/firewall.log
: vi /etc/syslog.conf ;
kern.warn /var/log/firewall.log
kern.info /var/log/firewall.log
kern.none /dev/console

But still the log message are at console along with dmesg and firewall.log

--alok


All times are GMT -5. The time now is 10:36 PM.