Would a shell redirection fill the bill? Admittedly, this is not as clean as fixing a config file, so:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#LOGTARGET looks like it has some meat to it. The suggestion of 'dmesg -n 1' would be worth a shot anyhow. Thus endeth my expertise 8-( And duh! The messages aren't being generated by the shell, but rather by the kernel, so a shell redirection will be of no value. --John Erik Persson wrote: > Hey! > > I'm running a debian sarge as a router for a network, and I'm using > iptables. I need to log certain stuff from iptables, and I thus have > rules like: > ${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit > --limit 1/s -j LOG --log-prefix "Blaster portscan " > > This however has the not so desirable side effect of writing every log > message from iptables to all tty:s as well as to /var/log/messages. > And I can tell you it is very annoying! > > First I just thought it had something to do with syslogd and checked > syslogd.conf. I could not find any rule that would generate this > behavior, but to be on the safe side I stopped syslogd. > The messages kept on coming. > > Then I thought it might be klogd and I killed it off as well. The > messages kept on coming on the ttys. Then I tried klogd -c 0 whithout > any luck. > > Does anyone know how to get rid of this other than just removing the > log rules from iptables? > > /Erik Persson. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
