On Wed, 2012-03-21 at 19:34 +0530, Ritesh Raj Sarraf wrote:
> On Tuesday 20 March 2012 09:14 PM, Jamie Strandboge wrote:
> > It isn't ufw that is doing the logging, it is the kernel via netfilter.
> > As such, logged policy vilations cannot be removed by ufw. For kern.log,
> > it is up to your syslog to put the messages where you want. With
> > standard syslog, there isn't really much you can do because netfilter
> > denials are logged at a priority that you would probably want to
> > otherwise see in your kern.log. ufw ships a sample configuration file
> > for use with rsyslog (see /etc/rsyslog.d/20-ufw.conf) that allows you to
> > log messages to /var/log/ufw.log.
> >
> > To remove the messages from dmesg, your only choice is to reduce your
> > logging level ('man ufw') or to add explicit allow/deny rules which
> > won't be logged.
>
> Can't the default setting be changed to not log violations when ufw's
> logging level is set to 'low'? You leave me with no choice: I certainly
> don't want to disable logging completely and setting 'low', which
> includes policy violations, floods the kernel log buffer.The definition of low is (man ufw): "logs all blocked packets not matching the default policy (with rate limiting), as well as packets matching logged rules." I suggest you either turn off logging altogether or insert rules that explicitly deny the things you don't want to see. -- Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
