On Thu, Jul 20, 2006 at 03:48:09PM -0400, JA wrote:
Not directly, and certainly not from the current version of the GUI you can click on in yast2. The /sbin/SuSEfirewall2 script is hard-coded to use the LOG target, which of course plops the messages into the kernel ring buffer where both dmesg and syslog can see it. The ULOG target was implemented to allow logging to go through userspace instead, but most firewall building tools (including SuSEfirewall2) don't make use of it.
Thanks. RHEL4 and CentOS4 manage to have an iptables setup that works just fine without spewing so much crap into the kernel ring buffer that dmesg becomes useless. This must be another SuSE/Novell "enhancement".
You would need to either go through all 2000-ish lines of /sbin/SuSEfirewall2's Bourne shell code and "fix" all of the -j LOG targets to use ULOG instead
Tried that, it didn't work. Thanks much for trying to help. I think I will just shut off SFW2 and convert it to a manual iptable setup. That method is easier for me to manage anyway. Michael -- San Francisco, CA -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com