All of lore.kernel.org
 help / color / mirror / Atom feed
* RE: help needed: clogged console
@ 2004-01-02 15:15 bmcdowell
  2004-01-02 16:00 ` John A. Sullivan III
  0 siblings, 1 reply; 7+ messages in thread
From: bmcdowell @ 2004-01-02 15:15 UTC (permalink / raw)
  To: orlowscy, shrike-list, redhat-list; +Cc: netfilter


Search for 'dmesg -n 1' - I think that's what you're after.


Bob

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org]On Behalf Of Slawomir
Orlowski
Sent: Tuesday, December 23, 2003 12:32 PM
To: shrike-list@redhat.com; redhat-list@redhat.com
Cc: netfilter@lists.netfilter.org
Subject: help needed: clogged console


Hello,

I have Linux RH 9.0 configured as filtering firewall, and getting a lot of
(kernel, iptables) messages on active consoles.
I have thought that putting in /etc/syslog.conf:

# *.kern /dev/console
kern.* /var/log/kernel
kern.* /dev/tty8

would free me from this, but it did not.
How can I force kernel message to appear only in /var/log/kernel log and on
tty8 only?

Best Regards
I hope that somebody will be able to help me.
When  I'm getting a lot of dropped packages it is not possible even to log.

Slawomir Orlowski



^ permalink raw reply	[flat|nested] 7+ messages in thread
* RE: help needed: clogged console
  2004-01-02 15:15 help needed: clogged console bmcdowell
@ 2004-01-02 16:00 ` John A. Sullivan III
  2004-01-05 12:31   ` Jozsef Kadlecsik
  0 siblings, 1 reply; 7+ messages in thread
From: John A. Sullivan III @ 2004-01-02 16:00 UTC (permalink / raw)
  To: bmcdowell; +Cc: orlowscy, shrike-list, redhat-list, netfilter

On Fri, 2004-01-02 at 10:15, bmcdowell@coxhealthplans.com wrote:
> Search for 'dmesg -n 1' - I think that's what you're after.
> 
> 
> Bob
> 
> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org
> [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of Slawomir
> Orlowski
> Sent: Tuesday, December 23, 2003 12:32 PM
> To: shrike-list@redhat.com; redhat-list@redhat.com
> Cc: netfilter@lists.netfilter.org
> Subject: help needed: clogged console
> 
> 
> Hello,
> 
> I have Linux RH 9.0 configured as filtering firewall, and getting a lot of
> (kernel, iptables) messages on active consoles.
> I have thought that putting in /etc/syslog.conf:
> 
> # *.kern /dev/console
> kern.* /var/log/kernel
> kern.* /dev/tty8
> 
> would free me from this, but it did not.
> How can I force kernel message to appear only in /var/log/kernel log and on
> tty8 only?
> 
> Best Regards
> I hope that somebody will be able to help me.
> When  I'm getting a lot of dropped packages it is not possible even to log.
> 
> Slawomir Orlowski

I've been really confused by this issue.  I am also running iptables on
RedHat 9.0.  /etc/syslog.conf shows nothing being logged to the
console.  Yet, ever since applying the netfilter patch-o-matic
tcp-window patch, all of its messages appear on my console.  The
netfilter mail lists say this is a misconfiguration of syslog but it
sure looks correctly configured to me.  No other iptables messages go to
the console - just the tcp-window messages. How do I stop them!!! Thanks
- John
-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@nexusmgmt.com
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net 



^ permalink raw reply	[flat|nested] 7+ messages in thread
* RE: help needed: clogged console
  2004-01-02 16:00 ` John A. Sullivan III
@ 2004-01-05 12:31   ` Jozsef Kadlecsik
  2004-01-06  1:42     ` John A. Sullivan III
  0 siblings, 1 reply; 7+ messages in thread
From: Jozsef Kadlecsik @ 2004-01-05 12:31 UTC (permalink / raw)
  To: John A. Sullivan III
  Cc: bmcdowell, orlowscy, shrike-list, redhat-list, netfilter

On Fri, 2 Jan 2004, John A. Sullivan III wrote:

> > Search for 'dmesg -n 1' - I think that's what you're after.
                ^^^^^
> I've been really confused by this issue.  I am also running iptables on
> RedHat 9.0.  /etc/syslog.conf shows nothing being logged to the
> console.  Yet, ever since applying the netfilter patch-o-matic
> tcp-window patch, all of its messages appear on my console.  The
> netfilter mail lists say this is a misconfiguration of syslog but it
> sure looks correctly configured to me.  No other iptables messages go to
> the console - just the tcp-window messages. How do I stop them!!! Thanks

Default the tcp-window-tracking patch uses extensive kernel logging,
while the other parts of netfilter keeps mouth shut. You can easily
disable the logging by

echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_log_invalid

Back to the console logging: klogd uses the console to display the kernel
log messages. You can alter it's default behaviour by issuing dmesg like
above or setting the proper command line switches for klogd. If you want
to send the kernel logs to other places (file/remote machine etc.), *then*
you have to configure syslogd properly.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary



^ permalink raw reply	[flat|nested] 7+ messages in thread
* RE: help needed: clogged console
  2004-01-05 12:31   ` Jozsef Kadlecsik
@ 2004-01-06  1:42     ` John A. Sullivan III
  2004-01-06  9:13       ` Jozsef Kadlecsik
  0 siblings, 1 reply; 7+ messages in thread
From: John A. Sullivan III @ 2004-01-06  1:42 UTC (permalink / raw)
  To: Jozsef Kadlecsik; +Cc: bmcdowell, orlowscy, shrike-list, redhat-list, netfilter

On Mon, 2004-01-05 at 07:31, Jozsef Kadlecsik wrote:
> On Fri, 2 Jan 2004, John A. Sullivan III wrote:
> 
> > > Search for 'dmesg -n 1' - I think that's what you're after.
>                 ^^^^^
> > I've been really confused by this issue.  I am also running iptables on
> > RedHat 9.0.  /etc/syslog.conf shows nothing being logged to the
> > console.  Yet, ever since applying the netfilter patch-o-matic
> > tcp-window patch, all of its messages appear on my console.  The
> > netfilter mail lists say this is a misconfiguration of syslog but it
> > sure looks correctly configured to me.  No other iptables messages go to
> > the console - just the tcp-window messages. How do I stop them!!! Thanks
> 
> Default the tcp-window-tracking patch uses extensive kernel logging,
> while the other parts of netfilter keeps mouth shut. You can easily
> disable the logging by
> 
> echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_log_invalid
> 
> Back to the console logging: klogd uses the console to display the kernel
> log messages. You can alter it's default behaviour by issuing dmesg like
> above or setting the proper command line switches for klogd. If you want
> to send the kernel logs to other places (file/remote machine etc.), *then*
> you have to configure syslogd properly.
> 
> Best regards,
> Jozsef
> -
> E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
> PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
> Address : KFKI Research Institute for Particle and Nuclear Physics
>           H-1525 Budapest 114, POB. 49, Hungary

Thanks.  Would you kindly confirm the /proc file.  I do not see
ip_conntrack_tcp_log_invalid.  I see ip_conntrack_tcp_invalid_scale and
ip_conntrack_tcp_log_out_of_window - John
-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@nexusmgmt.com
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net 



^ permalink raw reply	[flat|nested] 7+ messages in thread
* RE: help needed: clogged console
  2004-01-06  1:42     ` John A. Sullivan III
@ 2004-01-06  9:13       ` Jozsef Kadlecsik
  0 siblings, 0 replies; 7+ messages in thread
From: Jozsef Kadlecsik @ 2004-01-06  9:13 UTC (permalink / raw)
  To: John A. Sullivan III
  Cc: bmcdowell, orlowscy, shrike-list, redhat-list, netfilter

On Mon, 5 Jan 2004, John A. Sullivan III wrote:

> > echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_log_invalid
>
> Thanks.  Would you kindly confirm the /proc file.  I do not see
> ip_conntrack_tcp_log_invalid.  I see ip_conntrack_tcp_invalid_scale and
> ip_conntrack_tcp_log_out_of_window - John

You use an old version of the tcp-window-tracking patch.

ip_conntrack_tcp_log_invalid_scale and ip_conntrack_tcp_log_out_of_window
were integrated into the single ip_conntrack_tcp_log_invalid (besides
bugfixes and robustness improvements in the new release).

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary



^ permalink raw reply	[flat|nested] 7+ messages in thread
* RE: help needed: clogged console
  2003-12-23 18:31 Slawomir Orlowski
@ 2004-01-02 12:56 ` involved
  0 siblings, 0 replies; 7+ messages in thread
From: involved @ 2004-01-02 12:56 UTC (permalink / raw)
  To: netfilter

Hi,

I also had that problem.. I use "dmesg -n 1" to avoid getting those kernel
messages on active consoles

Bye
i.

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org] On Behalf Of Slawomir Orlowski
Sent: terça-feira, 23 de Dezembro de 2003 18:32
To: shrike-list@redhat.com; redhat-list@redhat.com
Cc: netfilter@lists.netfilter.org
Subject: help needed: clogged console

Hello,

I have Linux RH 9.0 configured as filtering firewall, and getting a lot of
(kernel, iptables) messages on active consoles.
I have thought that putting in /etc/syslog.conf:

# *.kern /dev/console
kern.* /var/log/kernel
kern.* /dev/tty8

would free me from this, but it did not.
How can I force kernel message to appear only in /var/log/kernel log and on
tty8 only?

Best Regards
I hope that somebody will be able to help me.
When  I'm getting a lot of dropped packages it is not possible even to log.

Slawomir Orlowski




^ permalink raw reply	[flat|nested] 7+ messages in thread
* help needed: clogged console
@ 2003-12-23 18:31 Slawomir Orlowski
  2004-01-02 12:56 ` involved
  0 siblings, 1 reply; 7+ messages in thread
From: Slawomir Orlowski @ 2003-12-23 18:31 UTC (permalink / raw)
  To: shrike-list, redhat-list; +Cc: netfilter

Hello,

I have Linux RH 9.0 configured as filtering firewall, and getting a lot of
(kernel, iptables) messages on active consoles.
I have thought that putting in /etc/syslog.conf:

# *.kern /dev/console
kern.* /var/log/kernel
kern.* /dev/tty8

would free me from this, but it did not.
How can I force kernel message to appear only in /var/log/kernel log and on
tty8 only?

Best Regards
I hope that somebody will be able to help me.
When  I'm getting a lot of dropped packages it is not possible even to log.

Slawomir Orlowski



^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2004-01-06  9:13 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-01-02 15:15 help needed: clogged console bmcdowell
2004-01-02 16:00 ` John A. Sullivan III
2004-01-05 12:31   ` Jozsef Kadlecsik
2004-01-06  1:42     ` John A. Sullivan III
2004-01-06  9:13       ` Jozsef Kadlecsik
  -- strict thread matches above, loose matches on Subject: below --
2003-12-23 18:31 Slawomir Orlowski
2004-01-02 12:56 ` involved

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.