dear shorewall-users, I''ve been upgrade shorewall 1.4.3 to 1.4.4, in new version (1.4.4) why log display on the console? it''s very difficult for me to work at console. does anyone has a suggestion? i want log only save in a file /var/log/messages. -- Best regards, Warsono mailto:warsono@astra-agro.co.id
Hi Warsono,> I''ve been upgrade shorewall 1.4.3 to 1.4.4, in new version (1.4.4) why > log display on the console? it''s very difficult for me to work at > console. does anyone has a suggestion? i want log only save in a file > /var/log/messages.That''s not something shorewall is (directly) responsible for. Take a look at the documentation for klogd on your system, you should find an option called ''-c'' for controlling what levels of kernel messages are sent to the system console. I log shorewall messages at level ''info'', and so setting ''-c 4'' (which means ''only level KERN_ERR and above'') stopped the iptables-generated kernel messages appearing on the system console. In order to add the option, see if you have the file /etc/sysconfig/syslog. If you do, look for a line like: KLOGD_OPTIONS="-2" And change it to: KLOGD_OPTIONS="-2 -c 4" Then type: service syslog restart at a shell prompt. If you don''t have a /etc/sysconfig/syslog file, you may have to edit /etc/init.d/syslog directly to add the option to the line that starts klogd. HTH, Paul
Paul Chambers schrieb:> > Hi Warsono, > > > I''ve been upgrade shorewall 1.4.3 to 1.4.4, in new version (1.4.4) why > > log display on the console? it''s very difficult for me to work at > > console. does anyone has a suggestion? i want log only save in a file > > /var/log/messages. > > That''s not something shorewall is (directly) responsible for.Right, but I can confirm the report too. After upgrading the kernel to the latest RedHat errata and upgrading Shorewall from 1.4.3 to 1.4.4 without any change to the default configuration, the console gets flooded by Shorewall messages. My simple question is: Is it a change in Shorewall or a change in the kernel? Simon> > Take a look at the documentation for klogd on your system, you should > find an option called ''-c'' for controlling what levels of kernel > messages are sent to the system console. I log shorewall messages at > level ''info'', and so setting ''-c 4'' (which means ''only level KERN_ERR > and above'') stopped the iptables-generated kernel messages appearing on > the system console. > > In order to add the option, see if you have the file > /etc/sysconfig/syslog. If you do, look for a line like: > > KLOGD_OPTIONS="-2" > > And change it to: > > KLOGD_OPTIONS="-2 -c 4" > > Then type: > > service syslog restart > > at a shell prompt. > > If you don''t have a /etc/sysconfig/syslog file, you may have to edit > /etc/init.d/syslog directly to add the option to the line that starts > klogd. > > HTH, > > Paul > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm
On Tue, 27 May 2003 07:53:22 +0200, Simon Matter <simon.matter@ch.sauter- bc.com> wrote:> Paul Chambers schrieb: >> >> Hi Warsono, >> >> > I''ve been upgrade shorewall 1.4.3 to 1.4.4, in new version (1.4.4) why >> > log display on the console? it''s very difficult for me to work at >> > console. does anyone has a suggestion? i want log only save in a file >> > /var/log/messages. >> >> That''s not something shorewall is (directly) responsible for. > > Right, but I can confirm the report too. > > After upgrading the kernel to the latest RedHat errata and upgrading > Shorewall from 1.4.3 to 1.4.4 without any change to the default > configuration, the console gets flooded by Shorewall messages. > > My simple question is: Is it a change in Shorewall or a change in the > kernel? >Did you install Fireparse? The damned thing restarts syslog which has the effect of undoing what the RedHat init scripts do WRT console logging. Again, I wish I had never heard of Fireparse..... Anyway, you should be able to fix this by making this change to /etc/sysconfig/syslog: KLOGD_OPTIONS="-x -c 3" ---- -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Tom Eastep schrieb:> > On Tue, 27 May 2003 07:53:22 +0200, Simon Matter <simon.matter@ch.sauter- > bc.com> wrote: > > > Paul Chambers schrieb: > >> > >> Hi Warsono, > >> > >> > I''ve been upgrade shorewall 1.4.3 to 1.4.4, in new version (1.4.4) why > >> > log display on the console? it''s very difficult for me to work at > >> > console. does anyone has a suggestion? i want log only save in a file > >> > /var/log/messages. > >> > >> That''s not something shorewall is (directly) responsible for. > > > > Right, but I can confirm the report too. > > > > After upgrading the kernel to the latest RedHat errata and upgrading > > Shorewall from 1.4.3 to 1.4.4 without any change to the default > > configuration, the console gets flooded by Shorewall messages. > > > > My simple question is: Is it a change in Shorewall or a change in the > > kernel? > > > > Did you install Fireparse? The damned thing restarts syslog which has theNo, not at all. The only thing I changed was upgrading the kernel and upgrading shorewall. I didn''t touch syslog or shorewall.conf. Looks like the recent logformat changes introduced the new behaviour. Simon> effect of undoing what the RedHat init scripts do WRT console logging. > > Again, I wish I had never heard of Fireparse..... > > Anyway, you should be able to fix this by making this change to > /etc/sysconfig/syslog: > > KLOGD_OPTIONS="-x -c 3" > ---- > > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > Shoreline, \ http://www.shorewall.net > Washington USA \ teastep@shorewall.net > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm