
Re: iptables log target logs everything to tty*. Why?



Erik Persson wrote:

>I'm running a debian sarge as a router for a network, and I'm using 
>iptables. I need to log certain stuff from iptables, and I thus have 
>rules like:
>${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
>  --limit 1/s -j LOG --log-prefix "Blaster portscan "

>This however has the not so desirable side effect of writing every log 
>message from iptables to all tty:s as well as to /var/log/messages. And 
>I can tell you it is very annoying!

There are two things to look at.

man iptables

This will show you how to set the log level of the messages logged via
the LOG target. My man page does not say what the default is.

man klogd

This describes the "-c" argument to klogd that sets the level that
a kernel message must be logged at to be sent to the console. The -c
argument can be set in the /etc/init.d/klogd script that starts klogd. Be
sure to read the part after the OPTIONS section where it describes -c
in more detail.

You may also want to cat /proc/sys/kernel/printk to see what the current
settings for console logging are. The first number of the four printed
is the console log level (man proc, search for printk).
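
The check described in this reply, as an added example that is not part of the original message: it compares a rule's LOG level with the console log level, the first field of /proc/sys/kernel/printk. The function names and the sample printk values are constructed for illustration; the fallback to "warning" when --log-level is absent is the LOG target's default.

```shell
#!/bin/sh
# Added example: will a LOG rule's messages be echoed to the console?

# Syslog priority name or number -> 0..7 (lower number = more severe).
level_to_num() {
    case "$1" in
        0|emerg|panic) echo 0 ;;
        1|alert)       echo 1 ;;
        2|crit)        echo 2 ;;
        3|err|error)   echo 3 ;;
        4|warning)     echo 4 ;;
        5|notice)      echo 5 ;;
        6|info)        echo 6 ;;
        7|debug)       echo 7 ;;
        *) return 1 ;;
    esac
}

# Print the --log-level value found in a rule; the LOG target falls back
# to "warning" when the option is absent. Runs in a subshell so that
# disabling globbing does not leak to the caller.
rule_log_level() (
    set -f
    prev=
    for word in $1; do
        if [ "$prev" = "--log-level" ]; then echo "$word"; exit 0; fi
        prev=$word
    done
    echo warning
)

# $1 = contents of /proc/sys/kernel/printk, $2 = rule text.
# The kernel echoes a message to the console only when its level is
# numerically lower than the first printk field (the console log level).
check_rule() {
    console=${1%%[!0-9]*}
    name=$(rule_log_level "$2")
    num=$(level_to_num "$name") || { echo "level=$name unknown"; return 2; }
    if [ "$num" -lt "$console" ]; then
        echo "level=$num console=yes"
    else
        echo "level=$num console=no"
    fi
}

# Constructed inputs: the rule from the question and a sample printk line.
# On a live system pass "$(cat /proc/sys/kernel/printk)" instead.
RULE='-A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit --limit 1/s -j LOG --log-prefix "Blaster portscan "'
check_rule "7 4 1 7" "$RULE"
check_rule "7 4 1 7" "$RULE --log-level debug"
check_rule "4 4 1 7" "$RULE"
```

The second and third calls correspond to the two remedies in the reply: lowering the rule's priority with --log-level, or lowering the console threshold (what klogd -c does).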


