On Sunday 27 November 2005 11:27, Abhay Kedia wrote:
> /var/log/messages is getting flooded by iptables log. I can't see any
> helpful output by using dmesg. The kernel config says that ULOG is
> deprecated so I don't know how good it would be to use it. Also the
> kernel.log/kern.log is not getting updated with messages like
> connection of a USB device and all; so can't leave dmesg altogether.

To get a clearer /var/log/messages, you can use the f_notfirewall filter
proposed earlier in the thread, with something like:

log { source(src); filter(f_notfirewall); destination(messages); };

in syslog-ng.conf.

However dmesg will still be cluttered: I don't think you have any other
sane solution than ULOG for this. Or maybe you should investigate why the
USB messages are discarded?

Regards,
Christophe
-- 
gentoo-security@gentoo.org mailing list
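
A fuller syslog-ng.conf fragment for the split described in the reply above, added here as an example and not part of the original message. The thread's f_notfirewall definition is not shown on this page, so the f_firewall and f_notfirewall definitions, the firewall destination and its file path are assumptions; source src and destination messages are taken to be already defined, as in the reply.

```conf
# Assumed filter: iptables LOG lines arrive on the kern facility and
# carry "IN=<iface> OUT=<iface>" fields in the message text.
# match(... value("MESSAGE")) is syslog-ng 3.x syntax.
filter f_firewall {
    facility(kern) and match("IN=.*OUT=" value("MESSAGE"));
};

# Everything that is not a firewall line.
filter f_notfirewall { not filter(f_firewall); };

# Assumed destination for the firewall lines (the path is an example).
destination firewall { file("/var/log/firewall.log"); };

# Firewall lines go to their own file, so they are kept for review
# instead of being dropped.
log { source(src); filter(f_firewall); destination(firewall); };

# /var/log/messages gets everything else, as in the reply.
log { source(src); filter(f_notfirewall); destination(messages); };
```

If syslog-ng.conf already has an unfiltered log statement sending src to messages, replace it with the filtered one; otherwise the firewall lines still reach /var/log/messages through that statement.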