OK. Let me preface by saying I''ve read
http://www.shorewall.net/shorewall_logging.html;
http://www.shorewall.net/FAQ.htm -- FAQs 6,6a,tb,tc,6d,16,17 and 21;
http://marc.theaimsgroup.com/?l=gentoo-security&m=106040714910563&w=2;
http://www.shorewall.net/troubleshoot.htm; man syslog; man 3 syslog; man
syslogd; man klogd; man printk; man dmesg; skimmed through all of the
other Shorewall documentation including the comments in the conf files;
searched the mailing list archives at http://lists.shorewall.net/;
searched Google. I may be blind, may be searching in the wrong place,
but I can''t see the answer to my question.
Is there a way to keep Shorewall messages from filling the kernel
message ring buffer? I want to be able to run dmesg and not get all of
the shorewall messages. I suspect there isn''t, short of modifying
netfilter somehow.
Thanks,
Frazier.