On Wed, 2012-03-21 at 19:34 +0530, Ritesh Raj Sarraf wrote:
> On Tuesday 20 March 2012 09:14 PM, Jamie Strandboge wrote:
> > It isn't ufw that is doing the logging, it is the kernel via netfilter.
> > As such, logged policy violations cannot be removed by ufw. For kern.log,
> > it is up to your syslog to put the messages where you want. With
> > standard syslog, there isn't really much you can do because netfilter
> > denials are logged at a priority that you would probably want to
> > otherwise see in your kern.log. ufw ships a sample configuration file
> > for use with rsyslog (see /etc/rsyslog.d/20-ufw.conf) that allows you to
> > log messages to /var/log/ufw.log.
> >
> > To remove the messages from dmesg, your only choice is to reduce your
> > logging level ('man ufw') or to add explicit allow/deny rules which
> > won't be logged.
>
> Can't the default setting be changed to not log violations when ufw's
> logging level is set to 'low'? You leave me with no choice: I certainly
> don't want to disable logging completely and setting 'low', which
> includes policy violations, floods the kernel log buffer.

The definition of low is (man ufw): "logs all blocked packets not matching the
default policy (with rate limiting), as well as packets matching logged rules."
I suggest you either turn off logging altogether or insert rules that
explicitly deny the things you don't want to see.

-- 
Jamie Strandboge | http://www.canonical.com
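
One way to act on the suggestion to add explicit deny rules, as an added example that is not part of the original thread: tally `[UFW BLOCK]` lines by protocol and destination port, and print the flows that dominate the log as candidate `ufw deny` rules. The log lines are constructed, the function names are hypothetical, and the `min_hits` threshold is an assumption.

```python
import re
from collections import Counter

# Constructed sample: kern.log lines as netfilter writes them for ufw.
SAMPLE_LOG = """\
Mar 21 19:30:01 host kernel: [12001.10] [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.255 LEN=78 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar 21 19:30:03 host kernel: [12003.20] [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.255 LEN=78 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar 21 19:30:05 host kernel: [12005.30] [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.255 LEN=78 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar 21 19:30:09 host kernel: [12009.40] [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.12 DST=192.0.2.255 LEN=78 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar 21 19:31:00 host kernel: [12060.10] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 LEN=40 PROTO=TCP SPT=40112 DPT=23
Mar 21 19:31:02 host kernel: [12062.10] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.5 LEN=40 PROTO=TCP SPT=51300 DPT=23
Mar 21 19:31:07 host kernel: [12067.10] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 LEN=40 PROTO=TCP SPT=40113 DPT=23
Mar 21 19:32:00 host kernel: [12120.10] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.5 LEN=52 PROTO=TCP SPT=51999 DPT=445
Mar 21 19:32:30 host kernel: [12150.10] [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.1 DST=224.0.0.1 LEN=32 PROTO=2
Mar 21 19:33:00 host kernel: [12180.10] usb 1-1: new high-speed USB device number 4
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_blocks(text):
    """Yield a dict of KEY=value fields for every [UFW BLOCK] line."""
    for line in text.splitlines():
        if "[UFW BLOCK]" not in line:
            continue
        fields = {}
        for key, value in FIELD.findall(line):
            fields.setdefault(key, value)  # keep the first LEN= (IP length)
        yield fields

def noisy_flows(text, min_hits=3):
    """Return [((proto, dport), hits)] for flows blocked >= min_hits times."""
    counts = Counter()
    for f in parse_blocks(text):
        proto = f.get("PROTO", "").lower()
        if proto in ("tcp", "udp") and "DPT" in f:  # skips IGMP/ICMP lines
            counts[(proto, int(f["DPT"]))] += 1
    return [(flow, n) for flow, n in counts.most_common() if n >= min_hits]

def suggest_rules(text, min_hits=3):
    """Render noisy flows as explicit deny rules to review (never executed)."""
    flows = noisy_flows(text, min_hits)
    return [f"ufw deny {port}/{proto}" for (proto, port), _ in flows]

if __name__ == "__main__":
    for flow, hits in noisy_flows(SAMPLE_LOG):
        print(hits, flow)
    print("\n".join(suggest_rules(SAMPLE_LOG)))
```
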