Reply With QuoteSearch your guarddog script (presumably in /etc/init.d) for lines containing "-j LOG" and try commenting these out. Most of the stuff you posted seems to come from iptables.
Hi there. So I got a cable modem recently and since then my /var/log/messages has looked like this:
eth0: Setting full-duplex based on MII #1 link partner capability of 41e1.
NTFS driver v1.1.22 [Flags: R/W MODULE]
kjournald starting. Commit interval 5 seconds
EXT3 FS 2.4-0.9.19, 19 August 2002 on ide0(3,7), internal journal
EXT3-fs: mounted filesystem with ordered data mode.
ehci_hcd 00:10.3: VIA Technologies, Inc. USB 2.0
ehci_hcd 00:10.3: irq 21, pci mem e0cce000
usb.c: new USB bus registered, assigned bus number 4
ehci_hcd 00:10.3: USB 2.0 enabled, EHCI 1.00, driver 2003-Dec-29/2.4
usb.c: USB disconnect on device 00:10.0-1 address 2
printer.c: usblp0: removed
hub.c: USB hub found
hub.c: 6 ports detected
Linux Tulip driver version 0.9.15-pre12 (Aug 9, 2002)
eth1: Lite-On PNIC-II rev 37 at 0xc800, 00:C0:F0:75:2A:9F, IRQ 18.
hub.c: new USB device 00:10.0-1, assigned address 3
printer.c: usblp0: USB Bidirectional printer dev 3 if 0 alt 1 proto 2 vid 0x04B
8 pid 0x0002
ip_tables: (C) 2000-2002 Netfilter core team
ip_conntrack version 2.1 (4095 buckets, 32760 max) - 288 bytes per conntrack
parport0: PC-style at 0x378 [PCSPP,TRISTATE]
lp0: using parport0 (polling).
lp0: console ready
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=265 TOS=0x00 PREC=0x0
0 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=245
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
PCTel: No device detected. Abort module loading.
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=96 TOS=0x00 PREC=0x00
TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
NVRM: loading NVIDIA Linux x86 NVIDIA Kernel Module 1.0-6111 Tue Jul 27 07:55
:38 PDT 2004
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=my.ip.net.255 LEN=265 TOS=0x00 PREC=0x0
0 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=245
IN=eth0 OUT= MAC=00:e1:1c:b1:36:6f:00:01:7c:22:j7:61:08:00 SRC=221.224.222.13 D
ST=my.ip.address LEN=48 TOS=0x00 PREC=0x00 TTL=105 ID=9635 DF PROTO=TCP SPT=162
9 DPT=5554 WINDOW=65044 RES=0x00 SYN URGP=0
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC= SRC=my.ip.address DST=255.255.255.255 LEN=118 TOS=0x00 PREC=0
x00 TTL=64 ID=0 DF PROTO=UDP SPT=631 DPT=631 LEN=98
IN=eth0 OUT= MAC=00:e1:1c:b1:36:6f:00:01:7c:22:j7:61:08:00 SRC=65.42.16.185 DST
=my.ip.address LEN=52 TOS=0x00 PREC=0x00 TTL=41 ID=37710 DF PROTO=TCP SPT=58697
DPT=6881 WINDOW=60352 RES=0x00 SYN URGP=0
And it is chock full of that. It sort of renders the log useless. I hate to admit I don't know where this is coming from. I'm using guarddog for a firewall. I'm on kernel 2.4.26. Obviously the log dosn't say "my.ip.address" and "my.ip.net.255", it actually has the ips in there.
Any ideas, or maybe a shove in the right direction. It may just be I am searching for the wrong terms and there is an easy answer I've missed.
Search your guarddog script (presumably in /etc/init.d) for lines containing "-j LOG" and try commenting these out. Most of the stuff you posted seems to come from iptables.
Posting Permissions
IBM 8203 E4A p520 Server 8203-E4A 4.2GHz 2-Core POWER6 32GB RAM / NO HDD USED
$99.99
IBM Power S822 12-Bay Server System Power8 Core 3.42Ghz DVD-Rom Drive 64GB No HD
$399.99
IBM 7944AC1 System x3550 M3 Server 1*Intel Xeon X5650 2.67GHz 4GB SEE NOTES
$27.25
IBM LENOVO SYSTEM X 3550 M5 2x XEON E5-2640 V4 CPUs NO RAM NO DRIVES 1U RACK
$199.99
IBM Power 740 8205-E6C Express 8-SFF Power7 3.55GHz CPU 64GB RAM *No HDD* Server
$191.99
IBM Power 720 POWER7 00E6516 3.6GHz CPU 64GB RAM Server
$209.98
IBM System x3250 M4 Server Intel Xeon E3-1220 3.10GHz 8GB RAM No HDDs
$65.02
IBM Lenovo X3650 M5 2U 8x 2.5” CTO Rack Server – 2x HS, 2x 750W
$199.00
IBM System X3500 M4 7383AC1 (E5-2650 v2 2.60GHz - 192GB RAM - M2000 - NO OS/HDD)
$264.92
IBM System x3250 M1 1U Server Intel Pentium D @3.4 2GB RAM x2 250GB DRIVES NO OS
$27.99