Mailinglist Archive: opensuse (2831 mails)

< Previous Next >
Re: [SLE] SuSEfirewall2 & dmesg
  • From: Michael Nelson <michaelnel@xxxxxxxxxxx>
  • Date: Thu, 20 Jul 2006 19:23:43 -0700
  • Message-id: <20060721022343.GA19114@xxxxxxxxxxxxxxxxxx>
On Thu, Jul 20, 2006 at 03:48:09PM -0400, JA wrote:
> Not directly, and certainly not from the current version of the GUI you can
> click on in yast2. The /sbin/SuSEfirewall2 script is hard-coded to use the
> LOG target, which of course plops the messages into the kernel ring buffer
> where both dmesg and syslog can see it. The ULOG target was implemented to
> allow logging to go through userspace instead, but most firewall building
> tools (including SuSEfirewall2) don't make use of it.

Thanks. RHEL4 and CentOS4 manage to have an iptables setup that works just
fine without spewing so much crap into the kernel ring buffer that dmesg
becomes useless. This must be another SuSE/Novell "enhancement".

> You would need to either go through all 2000-ish lines
> of /sbin/SuSEfirewall2's Bourne shell code and "fix" all of the -j LOG
> targets to use ULOG instead

Tried that, it didn't work.

Thanks much for trying to help. I think I will just shut off SFW2 and
convert it to a manual iptable setup. That method is easier for me to
manage anyway.



San Francisco, CA

Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

< Previous Next >
Follow Ups