HPE Community
Operating System - Linux
1753936 Members
9295 Online
108811 Solutions
New Discussion юеВ

network trace log to kernel log file

 
SOLVED
Go to solution
Tammy Liang
Regular Advisor

тАО06-15-2007 02:30 AM

тАО06-15-2007 02:30 AM

network trace log to kernel log file

There is network trace keep logging into kernel log file which filled up /var file system. How can I turn off this network trace log message, so won't put a line to kernel.log file evey time some one connect to this system via eth0 card?

Tks.

Tammy
take easy, enjoy life
0 Kudos
Reply
5 REPLIES 5
Ivan Ferreira
Honored Contributor

тАО06-15-2007 02:57 AM

тАО06-15-2007 02:57 AM

Re: network trace log to kernel log file

Please post a sample record. Probably is caused by some iptables rules that LOGS the packets.

You should check your iptables rules.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Tammy Liang
Regular Advisor

тАО06-15-2007 03:27 AM

тАО06-15-2007 03:27 AM

Re: network trace log to kernel log file

How can I check iptable rules?
Below are the lines log to both dmesg.log and kernel.log files.


BANDWIDTH_IN:IN=eth0 OUT= MAC=00:18:fe:71:31:11:00:13:72:a9:4e:a7:08:00 src=10.99.66.45 DST=10.99.66.43 LEN=53 TOS=0x00 PREC=0x00 TTL=128 ID=27450 DF PROTO=TCP SPT=1088 DPT=1521 WINDOW=16849 RES=0x00 ACK PSH URGP=0
BANDWIDTH_OUT:IN= OUT=eth0 src=10.99.66.43 DST=10.99.66.45 LEN=57 TOS=0x00 PREC=0x00 TTL=64 ID=9796 DF PROTO=TCP SPT=1521 DPT=1088 WINDOW=32767 RES=0x00 ACK PSH URGP=0
BANDWIDTH_IN:IN=eth0 OUT= MAC=00:18:fe:71:31:11:00:13:72:a9:4e:a7:08:00 src=10.99.66.45 DST=10.99.66.43 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=27462 DF PROTO=TCP SPT=1088 DPT=1521 WINDOW=16832 RES=0x00 ACK URGP=0


take easy, enjoy life
0 Kudos
Reply
Stuart Browne
Honored Contributor

тАО06-15-2007 09:35 AM

тАО06-15-2007 09:35 AM

Solution

Re: network trace log to kernel log file

iptables -nL --line

Look for lines that have 'LOG' int he 2nd column, and 'BANDWIDTH_IN' or 'BANDWIDTH_OUT' on the right-hand-side.

Starting from the bottm, use:

iptables -D

to remove then.

If you want to leave the rules there, but only have them not trigger when the user is using 'eth0', then use:

iptables -R -i !eth0 -j LOG ........

(where ... makes up the rest of the rule (-s, -d, -p etc.)).

Once complete, save the rules. On a RH or SuSE system, use 'service iptables save'.
One long-haired git at your service...
Reply
Tammy Liang
Regular Advisor

тАО06-18-2007 02:19 AM

тАО06-18-2007 02:19 AM

Re: network trace log to kernel log file

Thanks for the help... I see the iptables firewall rules and will disable them.

Thanks again.

Tammy
take easy, enjoy life
0 Kudos
Reply
Tammy Liang
Regular Advisor

тАО06-18-2007 06:21 AM

тАО06-18-2007 06:21 AM

Re: network trace log to kernel log file

I stoped the iptables service. It stop the logging to dmesg.log file.
take easy, enjoy life
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.