SuSE firewall and syslog.conf

my firewall seems to be filling up all sorts of log files that i don't want it in.  okay, so that's a bit of hyperbole, but the firewall messages are showing up in /var/log/messages, /var/log/warn and /var/log/firewall.  (i don't know if it makes any difference, but it's SuSE 8.0 running kernel 2.4.18.)

i'd like to drop the loggin to messages and warn and leave everything in firewall, but i'm not sure what to do with my syslog.conf file.  below are the lines from syslog.conf that mention the three files in question:
*.=warn;*.=err                  -/var/log/warn
*.crit                           /var/log/warn
*.*;mail.none;news.none;authpriv.none;auth.none         -/var/log/messages
kern.*          -/var/log/firewall

i'm not worried about errant kernel messages appearing in the firewall file - they only account for about 1.5% of the messages.  i've found websites saying that the firewall logs to kern.=info and kern.=debug.  what about boot messages (the other 1.5% of the firewall file) - what log level do they get passed through?

Who is Participating?

Improve company productivity with a Business Account.Sign Up

DarthModConnect With a Mentor Commented:
PAQed with points (300) refunded

Community Support Moderator
kevincaseyAuthor Commented:
any suggestions?  anyone?

   If you are running a gui based firewall configuration program look for the logging directive for the individual firewall rules that you do not want to see and disable the logging.  

kevincaseyAuthor Commented:
i'm not using a gui based tool.  i'm doing this by hand.

i ended up hacking this one together myself.  since i couldn't figure out what level the firewall was logging at, i ended up dumping all the kernel messages into the firewall log.  the two lines i ended up editing are below:

*.*;kern,mail,news,authpriv,auth.none           -/var/log/messages
kern.*          -/var/log/firewall
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.