netfilter log target kills the computer
gtaylor at riverviewtech.net
Wed Aug 17 07:16:04 CEST 2005
Switch to ULOG instead of LOG as LOG relies on Syslog which was *NOT* meant for high volume traffic. The other solution that I have proposed in the past is to set up TCPDump or Snort and have it sniff the headers out of packets and dump them to a log file and then post process said log file to extract what you are wanting and store it accordingly.
Grant. . . .
Ming-Ching Tiew wrote:
> Anyone notice that the log target is really too heavy ?
> I have seen various mishaviour to my Celeron 2.4 GHz
> machine ( fully dedicated as a firewall machine ) if I turn
> on logging. I am not sure if it is due to netfilter logging per se
> or due to me running syslogd to remote the log messages over
> the network. But in any case, once there is heavy iptabbles logging
> activities, the machine totally misbehaves.
> Besides the most obvious solutions ( ie to turn it off or get a faster
> computer ), any words of advise or recommendation ?
More information about the netfilter