Disabling iptables Console Logging

This has been driving me nuts ever since I started to work with iptables: every single log message gets printed directly to the console. Even when I am using it at that moment to write or read something. Few things are more annoying than this.

I am now posting my newly found solution here so that I won’t have to search for it once I forget it again :-).

After several futile attempts to configure syslog-ng to filter out firewall messages from the console, I discovered an interesting thing: the messages would get printed even when the syslog-ng daemon wasn’t running!

It turns out that kernel logs (those having the kern facility) may be printed directly by the kernel. Fortunately, it’s possible to set the minimal level a message must have in order to be printed.

# dmesg -n 4

After executing this command, only messages having level “warning” (4) or higher will be printed. All levels of messages will still be logged via the standard mechanisms, of course.

January 17, MMIX — Linux.