Hello,
I have a script which contains iptables's commands and which works fine
as firewall, but I encounter a problem with the log:
in /var/log/kern.log I get a tone of lines of this type:
Jan 8 18:25:25 nameofmybox kernel: Inbound IN=eth0 OUT= MAC=00:e:4c:8:3:1:00:07:cb:31:9c:71:08:00 SRC= A.B.C.D DST=E.F.G.H LEN=64 TOS=0x00 PREC=0x00 TTL=41 ID=57486 DF PROTO=TCP SPT=3910 DPT=445 WINDOW=53760 RES=0x00 SYN URGP=16
( A.B.C.D and E.F.G.H are some addresses ... )
When I am in command line these lines are displayed continously and it is
impossible to work. (the problem doesn't happen on xwindow on an xterm )
The problem stops if I comment four lines of the script.
the four lines:
# iptables -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
# iptables -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
# iptables -A LSI -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
# iptables -A LSI -m limit --limit 5/sec -j LOG --log-prefix "Inbound " --log-level 6
however, I think that these lines give interesting informations and I
would like to know how to keep them, but without that my file kern.log
grows inordinately.