
Disabling iptables Console Logging

This has been driving me nuts ever since I started to work with iptables: every single log message gets printed directly to the console. Even when I am using it at that moment to write or read something. Few things are more annoying than this.

I am now posting my newly found solution here so that I won’t have to search for it once I forget it again :-).

After several futile attempts to configure syslog-ng to filter out firewall messages from the console, I discovered an interesting thing: the messages would get printed even when the syslog-ng daemon wasn’t running!

It turns out that kernel logs (those with the kern facility) may be printed to the console directly by the kernel, without going through the syslog daemon. Fortunately, it’s possible to set the minimum level a message must have in order to be printed.

# dmesg -n 4

After executing this command, only messages having level “warning” (4) or higher will be printed. All levels of messages will still be logged via the standard mechanisms, of course.
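
An added example, not part of the original post: a shell filter that shows which raw kernel log records would also appear on the console for a given console_loglevel (the value `dmesg -n` sets, exposed as the first field of /proc/sys/kernel/printk). The function names are hypothetical, and the sample records, including the FW-DROP prefix, are constructed.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical
# and the log lines in SAMPLE are constructed.

# console_loglevel is the first field of /proc/sys/kernel/printk;
# it is the value that `dmesg -n` changes.
console_level_from_printk() {
    set -- $1            # split the whitespace-separated fields
    printf '%s\n' "$1"
}

# Read raw kernel records ("<PRI>text", the format `dmesg -r` prints) on stdin
# and keep only those the kernel would also print on the console, given
# console_loglevel $1. A record is printed when its level is numerically
# lower than console_loglevel.
filter_console() {
    limit=$1
    while IFS= read -r line; do
        case $line in
            '<'[0-9]*'>'*) ;;        # looks like a raw record
            *) continue ;;           # anything else is skipped
        esac
        pri=${line#'<'}
        pri=${pri%%'>'*}
        case $pri in *[!0-9]*) continue ;; esac
        level=$((pri & 7))           # low three bits are the level
        if [ "$level" -lt "$limit" ]; then
            printf '%s\n' "$line"
        fi
    done
}

# Constructed sample: iptables LOG records use level 4 (warning) unless the
# rule sets --log-level; "FW-DROP: " stands in for a --log-prefix.
SAMPLE='<3>[   10.000000] example: constructed error-level message
<4>[   12.000000] FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP DPT=23
<6>[   13.000000] example: constructed info-level message'

for limit_demo in 7 4; do
    echo "console_loglevel=$limit_demo:"
    printf '%s\n' "$SAMPLE" | filter_console "$limit_demo"
done
```

On a live system, pipe `dmesg -r` into `filter_console` and pass it the first field of /proc/sys/kernel/printk.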

January 17, MMIX — Linux.