2:04 a.m.
Hi,
LogDenied=all (or anything but off) in firewalld.conf;
Is there a way to specify a custom log file, now firewalld is flooding
dmesg.
-Paavo
11:10 a.m.
On Sat, Dec 16, 2017 at 10:04:08AM +0200, Paavo Leinonen wrote:
Hi,
LogDenied=all (or anything but off) in firewalld.conf;
Is there a way to specify a custom log file, now firewalld is flooding
dmesg.
Not for LogDenied. It's actually iptables (the kernel) doing the
logging. Currently firewalld can't control where the logs go. For that
we'd have to move to using NFLOG. I think this has been requested by
others, perhaps there is already a github issue open.
IMO, logging across the board needs to be improved.
12:22 p.m.
New subject: Logging Solution: Re: Custom log file?
On Tue, 19 Dec 2017, Eric Garver wrote:
Not for LogDenied. It's actually iptables (the kernel) doing the
logging. Currently firewalld can't control where the logs go. For that
we'd have to move to using NFLOG. I think this has been requested by
others, perhaps there is already a github issue open.
IMO, logging across the board needs to be improved.
Problem:
The default kernel logging level has too much detail when
iptables kicks in
Solution:
Dial to the level needed to hit the log files, but NOT
/dev/console :
How:
1. in /etc/sysconfig/grub, edit to add
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 "
2. and rebuild the files:
grub2-mkconfig -o /etc/grub2.cfg
3. then reboot
4. examine that the added matter is present:
grubby --info=` grubby --default-kernel `
4a. so:
[root@router sysconfig]# grubby --info=` grubby
--default-kernel ` | grep log
args="ro rd.lvm.lv=centos_108-246-63-252/swap
rd.lvm.lv=centos_108-246-63-252/root
vconsole.font=latarcyrheb-sun16 crashkernel=auto
vconsole.keymap=us video=640x480 loglevel=3 console=tty1
.................................^^^^^^^^^^
noplymouth LANG=en_US.UTF-8"
-------------
I have high-lighted this addition. I make some other changes
as well, which are out of scope here
-- Russ herrold
2314
days inactive
2317
days old
firewalld-users@lists.fedorahosted.org
2 comments
3 participants
participants (3)
-
Eric Garver -
Paavo Leinonen -
R P Herrold