With the kind help of several posters here on the forum, I have resolved this issue, and thought I would post the solution in case it helps others.
The problem turned out to be CUPS doing a broadcast to the broadcast IP, apparently advertizing it availability. This must be standard behaviour, as I have done zero configuration on CUPS - just a standard MDK 10.1 install, and addition of my Canon i950 printer.
I checked the CUPS configuration (point your browser at
http://localhost:631), but there were no options to control this behavior. Following a lead from one of the posters on this forum, I decided to solve the symptom, as opposed to the problem, which I cant seem to configure (CUPS broadcasting).
To turn off logging for the dropped broadcast messages, do the following as root:
- cd to /etc/shorewall
- edit the file "policy" in your favorite text editor.
- delete the word "info" from the two rules "net all" and "all all". Save and restart.
That did it for me. No more shorewall logs cluttering up dmesg output. I can now actually see the dmesg info - it used to be just a mass of shorewall logs (a "mess of shorewall logs?
), with "real" info interspersed here and there. No it is just "real" info.
Thanks to everyone who posted, and I hope that this may help a few folks.