Iptables

Iptables

Post by yeah » Wed, 05 Jun 2002 06:03:59



Hello,

Between all the "normal" messages of the iptables log in my /var/log/messages i
have messages that say Jun 3 20:15:15 fw -- MARK --
About 3 or 4 in a row and then back to the "normal" messages again. It
happens every 20 min, so i suspect it's something of a daemon doing
something but i have no clue who and what.
Does anybody knows what these messages are ?

Thx

 
 
 

Iptables

Post by Davi » Wed, 05 Jun 2002 06:56:31



> Hello,

> Between all the "normal" messages of the iptables log in my /var/log/messages i
> have messages that say Jun 3 20:15:15 fw -- MARK --
> About 3 or 4 in a row and then back to the "normal" messages again. It
> happens every 20 min, so i suspect it's something of a daemon doing
> something but i have no clue who and what.
> Does anybody knows what these messages are ?

This is the SYSLOG daemon telling you that SYSLOG is running but had
nothing to report. If you don't like this behavior, you can disable it
by editing the following file and changing the MARK time out.

In /etc/rc.d/init.d/syslog, find the line that says:

     daemon syslogd

and replace it with:

     daemon syslogd -m 0

Then restart the syslog daemon

--
   Confucius:  He who play in root, eventually kill tree.
Registered with the Linux Counter.  http://counter.li.org

 
 
 

Iptables

Post by Alla » Wed, 05 Jun 2002 19:04:29



Quote:> Hello,

> Between all the "normal" messages of the iptables log in my
/var/log/messages i
> have messages that say Jun 3 20:15:15 fw -- MARK --
> About 3 or 4 in a row and then back to the "normal" messages again. It
> happens every 20 min, so i suspect it's something of a daemon doing
> something but i have no clue who and what.
> Does anybody knows what these messages are ?

> Thx

I saw this sometime ago and was advised it is a marker so that you know the
logs are still 'active' even though nothing is logged

--
Allan

 
 
 

Iptables

Post by yeah » Thu, 06 Jun 2002 00:38:05



> This is the SYSLOG daemon telling you that SYSLOG is running but had
> nothing to report. If you don't like this behavior, you can disable it
> by editing the following file and changing the MARK time out.

> In /etc/rc.d/init.d/syslog, find the line that says:

>      daemon syslogd

> and replace it with:

>      daemon syslogd -m 0

> Then restart the syslog daemon

So i have nothing to worry about :)
Thanks for the answers !!