Disabling iptables Console Logging
This has been driving me nuts ever since I started to work with iptables: every single log message gets printed directly to the console. Even when I am using it at that moment to write or read something. Few things are more annoying than this.
I am now posting my newly found solution here so that I won’t have to search for it once I forget it again :-).
After several futile attempts to configure syslog-ng to filter out firewall messages from the console, I discovered an interesting thing: the messages would get printed even when the syslog-ng daemon wasn’t running!
It turns out that kernel logs (those having the kern facility) may be printed directly by the kernel. Fortunately, it’s possible to set the minimal level a message must have in order to be printed.
# dmesg -n 4
After executing this command, only messages having level “warning” (4) or higher will be printed. All levels of messages will still be logged via the standard mechanisms, of course.
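
The kernel's console filter, sketched as an added example that is not part of the original post: the kernel prints a message on the console only when the message's level number is lower than console_loglevel, the first field of /proc/sys/kernel/printk and the value that dmesg -n sets. The function names and the two sample printk lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): which kernel log levels reach
# the console for a given /proc/sys/kernel/printk value.

# Map a syslog level name (or a digit 0-7) to its number.
level_to_num() {
    case "$1" in
        emerg|panic)  echo 0 ;;
        alert)        echo 1 ;;
        crit)         echo 2 ;;
        err|error)    echo 3 ;;
        warning|warn) echo 4 ;;
        notice)       echo 5 ;;
        info)         echo 6 ;;
        debug)        echo 7 ;;
        [0-7])        echo "$1" ;;
        *)            return 1 ;;
    esac
}

# reaches_console PRINTK_LINE LEVEL -> "yes" or "no" (status 2 on bad input).
# The first field of the printk line is console_loglevel; a message is shown
# on the console only if its level is numerically lower than that value.
reaches_console() {
    cl=$(printf '%s\n' "$1" | awk '{print $1}')
    case "$cl" in ''|*[!0-9]*) return 2 ;; esac
    lvl=$(level_to_num "$2") || return 2
    if [ "$lvl" -lt "$cl" ]; then echo yes; else echo no; fi
}

# Constructed sample values; the four fields are console_loglevel,
# default_message_loglevel, minimum_console_loglevel, default_console_loglevel.
SAMPLE_VERBOSE="7 4 1 7"   # a console_loglevel of 7
SAMPLE_AFTER="4 4 1 7"     # state after "dmesg -n 4"

for line in "$SAMPLE_VERBOSE" "$SAMPLE_AFTER"; do
    for lvl in err warning info; do
        printf 'printk="%s" level=%-7s console=%s\n' \
            "$line" "$lvl" "$(reaches_console "$line" "$lvl")"
    done
done

# On a live system: reaches_console "$(cat /proc/sys/kernel/printk)" warning
```

The iptables LOG target logs at level warning unless a rule sets --log-level, so the last comment line shows the check that matters for firewall messages.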