Mathematics, philosophy, programming, in-line skating and everything in between. More about me…

Disabling iptables Console Logging

This has been driving me nuts ever since I started to work with iptables: every single log message gets printed directly to the console. Even when I am using it at that moment to write or read something. Few things are more annoying than this.

I am now posting my newly found solution here so that I won’t have to search for it once I forget it again :-).

After several futile attempts to configure syslog-ng to filter out firewall messages from the console, I discovered an interesting thing: the messages would get printed even when the syslog-ng daemon wasn’t running!

It turns out that kernel logs (those having the kern facility) may be printed directly by the kernel. Fortunately, it’s possible to set the minimal level a message must have in order to be printed.

# dmesg -n 4

After executing this command, only messages having level “warning” (4) or higher will be printed. All levels of messages will still be logged via the standard mechanisms, of course.

2 comments Add your own…

kagame I May 21, MMIX

Hello, i have tried the above procedures but to my surprise kernel still log to the console.
try this  
vi /etc/sysconfig/syslog and add these to the KLOGD_OPTIONS="-2 -c 1"
then /etc/init.d/syslog restart
thereafter  edit /etc/syslog.conf and alter /dev/console to another file of your choice.
rgs,
kagame

Vita II May 22, MMIX

Hi kagame,

I was using syslog-ng instead of plain syslog so it's possible that the dmesg command alone isn't enough for syslog. Thanks for the addition.

~ Vita

Speak your mind

Your name*

Your e-mail* (will not be displayed)

Your website (if you have one)

Please enter the current year (I hate spam)

Post Comment

Allowed HTML tags are a, blockquote, em, code, li, ol, p, pre, strong, ul. Links to other comments in the form “[IV]” or “[4]” are detected automatically.