Ptoblem solved (was: Iptables logging under Debian)

Walter Dnes waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org
Wed Dec 31 21:09:43 UTC 2003 

On Tue, Dec 30, 2003 at 03:06:27PM -0500, Mike Waychison wrote

> You need to turn down the kernel's logging to the console.  This is done 
> by the kernel.printk sysctl or by writing to the four values to 
> /proc/sys/kernel/printk :
> 
> echo "5 4 1 5" > /proc/sys/kernel/printk

  I've finally figured out what happened.  What's personally satisfying
is that I've also figured out why it didn't log in the past, but logs
today.

  In the past *ALL* logging was handled by sysklogd, which  dutifully
follows the instructions in syslog.conf.  The kernel maintainers, in
their infinite wisdom, have recently decided to split the logging
functions between klogd and sysklogd.  According to the klogd manpage

       The functionality of klogd has been typically incorporated
       into other versions of syslogd but this seems to be a poor
       place for it.  In the modern Linux kernel a number of ker­
       nel messaging issues such as sourcing, prioritization  and
       resolution  of kernel addresses must be addressed.  Incor­
       porating kernel logging into a separate process  offers  a
       cleaner separation of services.

  And further quoting the same manpage...

       inclusion  of default messaging levels for the kernel.  In
       a stock kernel the the default console log level is set to
       7.   Any  messages with a priority level numerically lower
       than 7 (higher priority) appear on the console.

  This is why the Debian kernel was logging those messages, when the
Redhat 7.3 kernel was not.  And since klogd doesn't follow syslog.conf,
telling syslog.conf not to log info messages doesn't help.  There are
two solutions.

  1) I chose to change to log-level 7.  This is "debug", and does not
get printed to console by the default klogd setup.

  2) "klogd -c 6" in the init scripts would tell klogd not to print
level 6 or 7 messages to console.

-- 
Walter Dnes <waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list