With a update to the klogd package (or perhaps it was an
update to the netbase package which contains ipchains, I
started getting the following log messages written to my console (in
/var/log/syslog and in dmesg!):
Packet log: input DENY ppp0 PROTO=88 18.104.22.168:65535 22.214.171.124:65535 L=60 S=0xC0 I=0 F=0x0000 T=2 (#11)
These packets are coming from actdial.togaware.com (126.96.36.199—my connection to the internet) and their CISCO router sending regular EIGRP (PROTO=88) packets. Nothing untoward about this but for some reason the log messages were appearing on the consoles! Every 4 seconds!
Looking at the current ipchains rules we see rule 11 is the default catch-all:
DENY all ----l- anywhere anywhere n/a
With the following
ipchains command the log messages are stopped:
# ipchains -I input 11 -i ppp0 -d 188.8.131.52 -j DENY
So that rules 11 and 12 of the input chain are now:
DENY all ------ anywhere IGRP-ROUTERS.MCAST.NET n/a DENY all ----l- anywhere anywhere n/a
Note that you can save the current rules using:
# /etc/init.d/ipchains save
which places the saved rules into
them in again with:
# /etc/init.d/ipchains load
It seems to be okay to flush the old ones when asked.
Unfortunately, this rule is lost each time ppp restarts!
But the actual problem has been found: The log messages have a log
level of less than 7, meaning they are more than debug messages. The
klogd logger will display messages with a log level less than
7 to the console! This is `
fixed'' by changing, in the file/etc/init.d/klogd` the line that says:
The messages are now gone from the console, but still remain in
/var/log/syslog gets filled with these so it still may be
best to turn them off with the ipchains rule.
Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2021 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0