[nzlug] How to keep iptables log messages out of dmesg?
Daniel Lawson
daniel at meta.net.nz
Sat Mar 1 09:44:35 NZDT 2008
> (unless you use ULOG, which uses netlink magic to send the log messages
> to a program).
>
> As for keeping it out of dmesg, unfortunately the entire functionality
> of dmesg is to output the kernel log buffer.
>
> So the solution is
> a) Ignore the problem
> b) Stop logging
> c) Use ULOG. Mmm, magic.. need someone else who's played with that to
> pipe up.
ULOG isn't difficult to set up, although there are a number of steps
you need to get right first:
* Have a working ULOG daemon. I never had any luck with ulogd, but
specter works pretty well
* Configure your ULOG daemon properly - the default config should
work, but you'll need to take note of the nlgroup parameters
* Fix your iptables script.
Assuming you have specter set up and running, listening for nlgroup 6,
your iptables line should have the following bits in it:
--jump ULOG --ulog-nlgroup 6 --ulog-prefix "Firewall: "
You'll need to get rid of any --log* options, and obviously change the
--jump LOG to --jump ULOG.
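The "fix your iptables script" step above is mostly mechanical, so here is a small POSIX sh helper that does it for you. This is an added example, not code from the original post or from the specter/ulogd projects. It assumes your ULOG daemon listens on netlink group 6 (the ULOG_NLGROUP variable), and it converts a LOG rule to a ULOG rule the way the post describes: -j/--jump LOG becomes ULOG with --ulog-nlgroup, --log-prefix becomes --ulog-prefix, and the LOG-only options (--log-level, --log-tcp-sequence, --log-tcp-options, --log-ip-options, --log-uid) are dropped, since ULOG does not accept them. The sample rules at the bottom are constructed for the demo.

```shell
#!/bin/sh
# Rewrite iptables LOG rules as ULOG rules.
# Added example; assumes a ULOG daemon (e.g. specter) is bound to netlink group 6.

ULOG_NLGROUP=6   # assumption: must match the nlgroup your ULOG daemon listens on

# log_to_ulog RULE
#   Prints RULE with the LOG target replaced by ULOG:
#     "-j LOG" / "--jump LOG"  ->  "... ULOG --ulog-nlgroup $ULOG_NLGROUP"
#     "--log-prefix X"         ->  "--ulog-prefix X"
#     --log-level N, --log-tcp-sequence, --log-tcp-options,
#     --log-ip-options, --log-uid  ->  removed (ULOG has no equivalents)
#   Rules that do not use the LOG target are printed unchanged.
#   The rule is padded with one space on each side so every token can be
#   matched as " --option " regardless of its position in the line.
log_to_ulog() {
    rule=$1
    case " $rule " in
        *" -j LOG "*|*" --jump LOG "*)
            printf ' %s \n' "$rule" | sed \
                -e "s/ -j LOG / -j ULOG --ulog-nlgroup $ULOG_NLGROUP /" \
                -e "s/ --jump LOG / --jump ULOG --ulog-nlgroup $ULOG_NLGROUP /" \
                -e 's/ --log-prefix / --ulog-prefix /' \
                -e 's/ --log-level [^ ]* / /' \
                -e 's/ --log-tcp-sequence / /' \
                -e 's/ --log-tcp-options / /' \
                -e 's/ --log-ip-options / /' \
                -e 's/ --log-uid / /' \
                -e 's/^ //' -e 's/ $//'
            ;;
        *)
            printf '%s\n' "$rule"
            ;;
    esac
}

# has_log_options RULE
#   Succeeds (returns 0) if any --log-* option is still present, i.e. the
#   rule would be rejected by iptables once the target is ULOG.
has_log_options() {
    case " $1 " in
        *" --log-"*) return 0 ;;
        *)           return 1 ;;
    esac
}

# convert_rules
#   Reads an iptables script on stdin and writes the converted script to stdout,
#   one rule per line, complaining on stderr if a --log-* option survived.
convert_rules() {
    while IFS= read -r line; do
        converted=$(log_to_ulog "$line")
        if has_log_options "$converted"; then
            printf 'warning: unconverted LOG option in: %s\n' "$converted" >&2
        fi
        printf '%s\n' "$converted"
    done
}

# Constructed sample ruleset for the demo (not a real firewall script).
convert_rules <<'EOF'
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j LOG --log-prefix "SSH: " --log-level 4
iptables -A FORWARD --jump LOG --log-prefix "Firewall: " --log-tcp-sequence --log-uid
iptables -A INPUT -j DROP
EOF
```

Run it as `sh convert.sh < firewall.sh > firewall-ulog.sh` and diff the two; anything flagged on stderr is an option the sed rules did not know about (for instance a prefix written as --log-prefix=X) and needs a manual look before you load the script.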