Shorewall users - May 2008 - Dmesg/console output

Hello all......

I know this subject has been touched ob before, but no matter what i 
modify, i cannot get shorewall to stop spewing stuff to dmesg and or the 
console....

I am using Debian Etch.... can some please direct me to any docs that 
might help me resolve this issue?

I am using version 3.2.6-2 via apt-get

Thanks

-- 

Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Hi!

Try this:

Tip

Under Debian with syslog, you can set KLOGD="-c 5" in
/etc/init.d/klogd to
suppress info (log level 6) messages on the console.
from: http://www.shorewall.net/FAQ.htm


On Mon, May 26, 2008 at 10:43 AM, Rob Morin <rob@dido.ca> wrote:
> Hello all......
>
> I know this subject has been touched ob before, but no matter what i
> modify, i cannot get shorewall to stop spewing stuff to dmesg and or the
> console....
>
> I am using Debian Etch.... can some please direct me to any docs that
> might help me resolve this issue?
>
> I am using version 3.2.6-2 via apt-get
>
> Thanks
>
> --
>
> Rob Morin
> Dido Internet Inc.
> Montreal,Canada
> http://www.dido.ca
> 514-990-4444
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>


-- 
Bruno Ayub.
bruno.ayub@gmail.com


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Did that, and a few other things, still same thing....... and i did 
restart syslogd..

:(

Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Bruno Ayub wrote:
> Hi!
>
> Try this:
>
>
>       Tip
>
> Under Debian with syslog, you can set KLOGD="-c 5" in 
> |/etc/init.d/klogd| to suppress info (log level 6) messages on the 
> console.
>
>
>       from: http://www.shorewall.net/FAQ.htm
>
>
>
> On Mon, May 26, 2008 at 10:43 AM, Rob Morin <rob@dido.ca 
> <mailto:rob@dido.ca>> wrote:
>
>     Hello all......
>
>     I know this subject has been touched ob before, but no matter what i
>     modify, i cannot get shorewall to stop spewing stuff to dmesg and
>     or the
>     console....
>
>     I am using Debian Etch.... can some please direct me to any docs that
>     might help me resolve this issue?
>
>     I am using version 3.2.6-2 via apt-get
>
>     Thanks
>
>     --
>
>     Rob Morin
>     Dido Internet Inc.
>     Montreal,Canada
>     http://www.dido.ca
>     514-990-4444
>
>
>    
-------------------------------------------------------------------------
>     This SF.net email is sponsored by: Microsoft
>     Defy all challenges. Microsoft(R) Visual Studio 2008.
>     http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
>     _______________________________________________
>     Shorewall-users mailing list
>     Shorewall-users@lists.sourceforge.net
>     <mailto:Shorewall-users@lists.sourceforge.net>
>     https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
>
>
> -- 
> Bruno Ayub.
> bruno.ayub@gmail.com <mailto:bruno.ayub@gmail.com>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Rob Morin wrote:
> Did that, and a few other things, still same thing....... and i did 
> restart syslogd..
But you didn''t restart klogd?

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

The server has been rebooted a couple times since i made that change a 
couple months ago....

There must be something else?

Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Tom Eastep wrote:
> Rob Morin wrote:
>> Did that, and a few other things, still same thing....... and i did 
>> restart syslogd..
>
> But you didn''t restart klogd?
>
> -Tom
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Rob Morin wrote:
> The server has been rebooted a couple times since i made that change a 
> couple months ago....
> 
> There must be something else?
 From /etc/sysctl.conf under Debian etch:

# Uncomment the following to stop low-level messages on console
#kernel.printk = 4 4 1 7


-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

What do i need to do after that? reboot , reload something?

Thanks for your help...


Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Tom Eastep wrote:
> Rob Morin wrote:
>> The server has been rebooted a couple times since i made that change 
>> a couple months ago....
>>
>> There must be something else?
>
> From /etc/sysctl.conf under Debian etch:
>
> # Uncomment the following to stop low-level messages on console
> #kernel.printk = 4 4 1 7
>
>
> -Tom
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Rob Morin wrote:
> What do i need to do after that? reboot , reload something?
> 
>
sysctl -p /etc/sysctl.conf

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

I still get messages via dmesg....
:(


Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Tom Eastep wrote:
> Rob Morin wrote:
>> What do i need to do after that? reboot , reload something?
>>
>>
>
> sysctl -p /etc/sysctl.conf
>
> -Tom
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Rob Morin wrote:
> I still get messages via dmesg....
> :(
Yes you do -- if you don''t like that, you will have to install ulogd
and
switch your Shorewall configuration to use ULOG as the log level rather than 
''info''.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

But this sysctl.conf mod will not have it spit on teh console? thats a 
bit more important for the moment?

Thanks..

Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Tom Eastep wrote:
> Rob Morin wrote:
>> I still get messages via dmesg....
>> :(
>
> Yes you do -- if you don''t like that, you will have to install
ulogd
> and switch your Shorewall configuration to use ULOG as the log level 
> rather than ''info''.
>
> -Tom
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Rob Morin wrote:
> But this sysctl.conf mod will not have it spit on teh console? thats a 
> bit more important for the moment?
That''s correct.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

So in /etc/shorewall/shorewall.conf i changed all instances of log level 
to be ULOG and restarted shorewall and i still get messages in dmesg....
BLACKLIST_LOGLEVEL=ULOG
MACLIST_LOG_LEVEL=ULOG
TCP_FLAGS_LOG_LEVEL=ULOG
RFC1918_LOG_LEVEL=ULOG
SMURF_LOG_LEVEL=ULOG

I think my server is possessed!
:)

Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Tom Eastep wrote:
> Rob Morin wrote:
>> I still get messages via dmesg....
>> :(
>
> Yes you do -- if you don''t like that, you will have to install
ulogd
> and switch your Shorewall configuration to use ULOG as the log level 
> rather than ''info''.
>
> -Tom
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

Woops ok i get it it has to be in the policy file... i thought it would 
be in shorewall.conf file

I think i might have it working!??!?!

I am excited now


Rob Morin
Dido Internet Inc.
Montreal,Canada
http://www.dido.ca
514-990-4444



Rob Morin wrote:
> So in /etc/shorewall/shorewall.conf i changed all instances of log level 
> to be ULOG and restarted shorewall and i still get messages in dmesg....
> BLACKLIST_LOGLEVEL=ULOG
> MACLIST_LOG_LEVEL=ULOG
> TCP_FLAGS_LOG_LEVEL=ULOG
> RFC1918_LOG_LEVEL=ULOG
> SMURF_LOG_LEVEL=ULOG
>
> I think my server is possessed!
> :)
>
> Rob Morin
> Dido Internet Inc.
> Montreal,Canada
> http://www.dido.ca
> 514-990-4444
>
>
>
> Tom Eastep wrote:
>   
>> Rob Morin wrote:
>>     
>>> I still get messages via dmesg....
>>> :(
>>>       
>> Yes you do -- if you don''t like that, you will have to install
ulogd
>> and switch your Shorewall configuration to use ULOG as the log level 
>> rather than ''info''.
>>
>> -Tom
>>
------------------------------------------------------------------------
>>
>>
-------------------------------------------------------------------------
>> This SF.net email is sponsored by: Microsoft
>> Defy all challenges. Microsoft(R) Visual Studio 2008.
>> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
>>
------------------------------------------------------------------------
>>
>> _______________________________________________
>> Shorewall-users mailing list
>> Shorewall-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>   
>>     
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/