My problem is that there are still log-messages in /var/log/debug, /var/log/syslog and /var/log/kern.log.
Also dmesg still shows log-messages of vuurmuur.
Is there a way that log-messages will be saved only in /var/log/firewall?
Robert
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm not sure you can prevent 'dmesg' to be filled up with the messages, but for the logfiles you can. Can you show your syslog.conf? I general you should just make just kern.debug only goes to the file you want, not to any other...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
kern.=debug /var/log/firewall
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I think this entry still logs the kern.=debug to /var/log/debug. You can exclude kern.=debug from it, but I can't remember the syntax. Please see the syslog documentation.
The printk fix should really help here. If it doesn't I suspect you have some other setting in syslog that causes this. Could you post you syslog.conf?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
# ssh auth loggin
auth.info /var/log/ssh/log
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I don't see anything in your syslog that could cause this, but I'm not a syslog expert. Did you restart syslog (or even reboot) after changing the settings? I think this can really be solved with the sysctl and syslog settings, so please double check those...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
i installed Vuurmuur under Debian 4.0 (Etch) and added "kern.=debug /var/log/firewall" to my /etc/syslog.conf like described in http://www.vuurmuur.org/trac/wiki/Logging.
I also deactivated logging to console described in http://lists.samba.org/archive/linux/2002-January/001726.html with adding "kernel.printk
= 3 4 1 7" to my /etc/sysctl.conf.
My problem is that there are still log-messages in /var/log/debug, /var/log/syslog and /var/log/kern.log.
Also dmesg still shows log-messages of vuurmuur.
Is there a way that log-messages will be saved only in /var/log/firewall?
Robert
I'm not sure you can prevent 'dmesg' to be filled up with the messages, but for the logfiles you can. Can you show your syslog.conf? I general you should just make just kern.debug only goes to the file you want, not to any other...
First of all: merry christmas
Here is my syslog.conf
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* /var/log/uucp.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some `catch-all' logfiles.
#
*.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\ # news.=crit;news.=err;news.=notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\ news.crit;news.err;news.notice;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole
kern.=debug /var/log/firewall
I think this entry still logs the kern.=debug to /var/log/debug. You can exclude kern.=debug from it, but I can't remember the syntax. Please see the syslog documentation.
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
Cheers,
Victor
Hi,
I have the same problem: many messages on my console.
My syslog and printk are right (as is described on this forum and in this thread)
How can I prevent Vuurmuur to log on my console.
I use Debian 4.0 (etch).
regards,
hans
The printk fix should really help here. If it doesn't I suspect you have some other setting in syslog that causes this. Could you post you syslog.conf?
here is my syslog.conf:
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* /var/log/uucp.log
#kern.=debug /var/log/firewall
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some `catch-all' logfiles.
#
*.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\ # news.=crit;news.=err;news.=notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\ news.crit;news.err;news.notice;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole
# ssh auth loggin
auth.info /var/log/ssh/log
I think commenting out this part:
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
should fix your problems...
Cheers,
Victor
I've commented it out but there are still many messages on my console....
gr. hans
I don't see anything in your syslog that could cause this, but I'm not a syslog expert. Did you restart syslog (or even reboot) after changing the settings? I think this can really be solved with the sysctl and syslog settings, so please double check those...