iptables output?
Bill Tangren
bjt at aa.usno.navy.mil
Thu Jun 23 20:22:50 UTC 2005
Joe Hood wrote:
> Why not just send them to a file? Or better yet, don't log broadcast
> messages from IPTables.
>
> On 6/13/05, Bill Tangren <bjt at aa.usno.navy.mil> wrote:
>
>>Ben Russo wrote:
>>
>>>Bill Tangren wrote:
>>>
>>>
>>>>I have configured iptables on my server, and now now I get output
>>>>going to my text windows (in the GUI, do a ctrl+alt+F1 to get to one
>>>>of them).
>>>
>>>...
>>>
>>>
>>>>Can anyone tell me how to redirect this output to /dev/null or
>>>>someplace else?
>>>>
>>>
>>>...
>>>
>>>
>>>>Any ideas?
>>>>
>>>
>>>Check your /etc/syslog.conf
>>>You probably have a line that says: kern.* /dev/console
>>>and maybe *.emerg *
>>>
>>>Look at your /etc/sysconfig/iptables file.
>>>you probably have a LOG target (-j LOG)
>>>you can set --log-level on that line in /etc/sysconfig/iptables
>>>
>>>I think those things are what you are looking for.
>>>
>>>-Ben.
>>>
>>
>>The line in /etc/syslog.conf is commented out, so it appears that
>>/dev/console is the default (man syslog.conf doesn't seem to say).
>>
>>Does anyone know if sending non critical errors to /dev/null harm anything?
>>
>>kern.info;kern.!err /dev/null
>>
>>
>>Thanks,
>>Bill
>>
>>--
I tried creating a log for the output by altering the /etc/syslog.conf
file. I changed :
#kern.* /dev/console
to
kern.* /var/log/iptables
This put the output into /var/log/iptables, but the output is STILL
going to /dev/console as well. Notice that the appropriate line in
syslog.conf was commented out initially.
I don't know how to stop the output going to /dev/console except for
stopping the logging of iptables output.
Anyone know what might be wrong?
Bill
More information about the redhat-list
mailing list