On 2007-01-17 17:40, Greg Wallace wrote:
On Wednesday, January 17, 2007 @ 4:30 PM, Darryl Gregorash wrote:
On 2007-01-17 15:24, Greg Wallace wrote:
<snip>
Linux kernel: SFW2-IN-ACC-RELATED IN eth0 ^^^
This is firewall logging. Why it is in /var/log/messages is a mystery, I may have found it. Try this:
grep SFW2 /var/log/messages | grep IN= Then this: grep IN= /etc/syslog-ng/syslog-ng.conf.in The second command will probably output a line like this: filter f_iptables { facility(kern) and match("IN=") and match("OUT="); }; However, in the log entry you posted, the text is "IN", not "IN=". No match, so subsequent rules dump the entry to /var/log/messages. This is possibly a bug in the iptables logging module, ipt_LOG, for that kernel version. BTW, what is the result of this: ls -l /var/log/firewall If it is zero size, or doesn't exist at all, you can just edit /etc/syslog-ng/syslog-ng.conf.in to read "IN " vs. "IN=", run 'SuSEconfig --module syslog-ng', and carry on (until the hiccup is fixed, then you'd have to reverse the change :-) ). Note: edit the .conf.in file, not the .conf file, or you will lose the changes when suseconfig is run. -- The best way to accelerate a computer running Windows is at 9.81 m/s² -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org