[Bug 442265] New: iptables logs to dmesg
https://bugzilla.novell.com/show_bug.cgi?id=442265 Summary: iptables logs to dmesg Product: openSUSE 11.1 Version: Beta4 Platform: x86-64 OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: ajohansson@novell.com QAContact: qa@suse.de Found By: --- iptables logs to the same kernel ring buffer that dmesg reads from. This means with all the "DROP" messages, the buffer will fill up very quickly, overwriting all interesting error (and other) messages -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=442265
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=442265
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=442265#c1
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=442265
User ajohansson@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=442265#c2
Anders Johansson
From a support perspective, we want to be able to request dmesg output from customers and it would be helpful if the output was readable
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=442265
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=442265#c3
Ludwig Nussel
iptables logging option. Must end with --log-prefix and some prefix # characters # # You may specify an alternative logging target by starting the # string with "-j ". E.g. "-j ULOG --ulog-prefix SFW2" # # only change this if you know what you are doing!
I really don't think this is well documented. I've been working with linux since 1998, and I have absolutely no idea what ulog is. A small mention might be a good idea
man iptables /ulog
It would also be great if we could change the default to not pollute dmesg. From a support perspective, we want to be able to request dmesg output from customers and it would be helpful if the output was readable
Well, file a feature request but have a look at why Fate 302146 was rejected first. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com