
Re: iptables log target logs everything to tty*. Why?



Would a shell redirection fill the bill?  Admittedly, this is not as
clean as fixing a config file, so:

http://iptables-tutorial.frozentux.net/iptables-tutorial.html#LOGTARGET

looks like it has some meat to it.  The suggestion of 'dmesg -n 1' would
be worth a shot anyhow.  Thus endeth my expertise 8-(

And duh!  The messages aren't being generated by the shell, but rather
by the kernel, so a shell redirection will be of no value.

--John

Erik Persson wrote:
> Hey!
>
> I'm running a Debian sarge as a router for a network, and I'm using
> iptables. I need to log certain stuff from iptables, and I thus have
> rules like:
> ${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
>  --limit 1/s -j LOG --log-prefix "Blaster portscan "
>
> This however has the not so desirable side effect of writing every log
> message from iptables to all tty:s as well as to /var/log/messages.
> And I can tell you it is very annoying!
>
> First I just thought it had something to do with syslogd and checked
> syslogd.conf. I could not find any rule that would generate this
> behavior, but to be on the safe side I stopped syslogd.
> The messages kept on coming.
>
> Then I thought it might be klogd and I killed it off as well. The
> messages kept on coming on the ttys. Then I tried klogd -c 0 without
> any luck.
>
> Does anyone know how to get rid of this other than just removing the
> log rules from iptables?
>
> /Erik Persson.
>
>
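
Added example, not part of either post: a shell check of why the rule in the question reaches the console and why 'dmesg -n 1' stops it, by comparing the rule's log level with the kernel's console loglevel. It also handles the LOG target's `--log-level` option, which the thread does not mention; the printk values are constructed samples and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): will a LOG rule's messages hit the console?

# Map a syslog level name or number to its numeric priority (0-7).
level_num() {
    case "$1" in
        emerg|panic) echo 0 ;;
        alert)       echo 1 ;;
        crit)        echo 2 ;;
        err|error)   echo 3 ;;
        warning)     echo 4 ;;
        notice)      echo 5 ;;
        info)        echo 6 ;;
        debug)       echo 7 ;;
        [0-7])       echo "$1" ;;
        *)           return 1 ;;
    esac
}

# Level of a rule line: the value after --log-level, else warning (4),
# which is the LOG target's default.
rule_level() {
    lvl=warning prev=
    for word in $1; do
        [ "$prev" = "--log-level" ] && lvl=$word
        prev=$word
    done
    level_num "$lvl"
}

# The kernel echoes a message to the console only when its level is
# numerically lower than console_loglevel, the first field of
# /proc/sys/kernel/printk (the value 'dmesg -n' sets).
reaches_console() {   # $1 = printk contents, $2 = rule line
    console=${1%%[!0-9]*}
    msg=$(rule_level "$2") || return 2
    [ "$msg" -lt "$console" ]
}

# Rule from the question; printk values below are constructed samples.
RULE='iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit --limit 1/s -j LOG --log-prefix "Blaster portscan "'
for printk in '7 4 1 7' '1 4 1 7'; do   # second: after 'dmesg -n 1'
    if reaches_console "$printk" "$RULE"; then
        echo "console_loglevel ${printk%% *}: printed on the console"
    else
        echo "console_loglevel ${printk%% *}: kept off the console"
    fi
done
```

On a live system, pass "$(cat /proc/sys/kernel/printk)" as the first argument to reaches_console instead of a sample value.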


