Reply With QuoteSearch your guarddog script (presumably in /etc/init.d) for lines containing "-j LOG" and try commenting these out. Most of the stuff you posted seems to come from iptables.
Hi there. So I got a cable modem recently and since then my /var/log/messages has looked like this:
eth0: Setting full-duplex based on MII #1 link partner capability of 41e1.
NTFS driver v1.1.22 [Flags: R/W MODULE]
kjournald starting. Commit interval 5 seconds
EXT3 FS 2.4-0.9.19, 19 August 2002 on ide0(3,7), internal journal
EXT3-fs: mounted filesystem with ordered data mode.
ehci_hcd 00:10.3: VIA Technologies, Inc. USB 2.0
ehci_hcd 00:10.3: irq 21, pci mem e0cce000
usb.c: new USB bus registered, assigned bus number 4
ehci_hcd 00:10.3: USB 2.0 enabled, EHCI 1.00, driver 2003-Dec-29/2.4
usb.c: USB disconnect on device 00:10.0-1 address 2
printer.c: usblp0: removed
hub.c: USB hub found
hub.c: 6 ports detected
Linux Tulip driver version 0.9.15-pre12 (Aug 9, 2002)
eth1: Lite-On PNIC-II rev 37 at 0xc800, 00:C0:F0:75:2A:9F, IRQ 18.
hub.c: new USB device 00:10.0-1, assigned address 3
printer.c: usblp0: USB Bidirectional printer dev 3 if 0 alt 1 proto 2 vid 0x04B
8 pid 0x0002
ip_tables: (C) 2000-2002 Netfilter core team
ip_conntrack version 2.1 (4095 buckets, 32760 max) - 288 bytes per conntrack
parport0: PC-style at 0x378 [PCSPP,TRISTATE]
lp0: using parport0 (polling).
lp0: console ready
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=265 TOS=0x00 PREC=0x0
0 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=245
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
PCTel: No device detected. Abort module loading.
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
NVRM: loading NVIDIA Linux x86 NVIDIA Kernel Module 1.0-6111 Tue Jul 27 07:55
:38 PDT 2004
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=265 TOS=0x00 PREC=0x0
0 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=245
IN=eth0 OUT= MAC=00:e1:1c:b1:36:6f:00:01:7c:22:j7:61:08:00 SRC=221.224.222.13 D
ST=my.ip.address LEN=48 TOS=0x00 PREC=0x00 TTL=105 ID=9635 DF PROTO=TCP SPT=162
9 DPT=5554 WINDOW=65044 RES=0x00 SYN URGP=0
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC=00:e1:1c:b1:36:6f:00:01:7c:22:j7:61:08:00 SRC=65.42.16.185 DST
=my.ip.address LEN=52 TOS=0x00 PREC=0x00 TTL=41 ID=37710 DF PROTO=TCP SPT=58697
DPT=6881 WINDOW=60352 RES=0x00 SYN URGP=0
And it is chock full of that. It sort of renders the log useless. I hate to admit I don't know where this is coming from. I'm using guarddog for a firewall. I'm on kernel 2.4.26. Obviously the log dosn't say "my.ip.address" and "my.ip.net.255", it actually has the ips in there.
Any ideas, or maybe a shove in the right direction. It may just be I am searching for the wrong terms and there is an easy answer I've missed.
Search your guarddog script (presumably in /etc/init.d) for lines containing "-j LOG" and try commenting these out. Most of the stuff you posted seems to come from iptables.
Posting Permissions
1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports
$149.00
Globalscale Technologies DreamPlug AppNeta M22 Linux Server Dual GB Ethernet
$24.99
Custom Server 15" Depth X11SSH-F E3-1270 V6 3.8Ghz 4 Core - 128GB NVME 32GB RAM
$399.00
6x Powered By Linux Computer Sticker Decals Desktop Laptop Server Badge Decal
$2.99
6x Linux Mint Computer Sticker Decals Desktop Laptop Server Badge Decal Vinyl
$2.99
Globalscale Technologies DreamPlug AppNeta M22 Linux Server Dual GB Ethernet
$21.99
PFSENSE 15" Depth Server Router Firewall Supermicro X11SSH-F E3-1240 V5 32GB RAM
$382.00
1U Server 15" Depth X11SSH-F E3-1240 V5 3.5Ghz 4 Core 32GB RAM 240G SSD
$281.00
Australia Linux Server- 32 GB RAM + 500 HDD + 6 Core processor
$65.92
VPS Windows / Linux Server - 12GB RAM, 4 Core, 1 TB HD, Unltd. bandwidth 1 Year
$276.91