Re: [SLUG] iptables chatter

From: Andrew M Hoerter (amh@pobox.com)
Date: Tue Sep 09 2003 - 20:56:07 EDT


On Tue, 9 Sep 2003, Paul M Foster wrote:

> The logged rejected packets are showing up on the open console, making
> it impossible to do anything on that machine while it's going on. I
> don't know why it's doing this. I've given iptables the "--log-level
> info" parameter. I assume the location to which this stuff is logged is
> governed by syslog.conf. But the section in the syslog.conf file that
> talks about info logging says it should be going to /var/log/messages.

What facility is iptables using when logging information? The effects of
syslog.conf can sometimes be subtle. I would look for "/dev/console" or
equivalent in syslog.conf and work back from there to see where the
messages are coming from. Syslog messages can also be sent to particular
users, so if it only happens when you're root, that's another clue as to
what syslog.conf lines are relevant.

If iptables is using the kernel logging facility rather than syslog,
then it's possible that the messages are bypassing syslogd entirely and
going straight to a console tty. But I don't exactly recall how this
works under Linux.

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
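
One way to carry out the syslog.conf check suggested in the reply above, as an added example that is not part of the original message: it lists every rule that would select a given message and the kind of destination it writes to. It assumes sysklogd-style selector syntax and that the packet log lines reach syslogd as kern.info; the sample configuration is constructed, and the function names are hypothetical.

```python
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}

def selector_matches(selectors, facility, priority):
    """True if a sysklogd selector field selects facility.priority."""
    level, matched = PRIORITIES.index(priority), False
    for sel in selectors.split(";"):          # later selectors override earlier ones
        facs, _, prio = sel.strip().rpartition(".")
        if not {facility, "*"} & set(facs.split(",")):
            continue                          # selector names other facilities
        negate = prio.startswith("!")
        prio = prio.lstrip("!")
        exact = prio.startswith("=")          # "=" means this priority only
        prio = ALIASES.get(prio.lstrip("="), prio.lstrip("="))
        if prio == "none":
            matched = negate
        elif prio == "*" or (level == PRIORITIES.index(prio) if exact
                             else level >= PRIORITIES.index(prio)):
            matched = not negate
    return matched

def classify(action):
    """Name the kind of destination an action field writes to."""
    if action.startswith(("/dev/console", "/dev/tty")):
        return "terminal"
    if action.startswith(("/", "-/")):
        return "file"
    if action.startswith("|"):
        return "pipe"
    if action.startswith("@"):
        return "remote"
    return "all-users" if action == "*" else "users"

def trace(conf_text, facility, priority):
    """Return (line number, action, kind) for each rule that selects the message."""
    hits = []
    for n, line in enumerate(conf_text.splitlines(), 1):
        fields = line.split(None, 1)
        if len(fields) == 2 and not line.lstrip().startswith("#"):
            if selector_matches(fields[0], facility, priority):
                hits.append((n, fields[1].strip(), classify(fields[1].strip())))
    return hits

SAMPLE = """\
# constructed sample syslog.conf, not taken from the thread
*.info;mail.none;authpriv.none   /var/log/messages
kern.*                           /dev/console
*.emerg                          *
kern.warning;kern.!err           root
"""

if __name__ == "__main__":
    for n, action, kind in trace(SAMPLE, "kern", "info"):
        print(f"line {n}: kern.info -> {action} ({kind})")
```

Any rule reported as "terminal", "users" or "all-users" is a candidate for the lines that write to a console or a login session.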


