On 08/20/2012 11:58 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
[root@box9 bobg]# cat /var/log/messages
................ snip a few megs ................
Aug 20 11:52:44 localhost kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.9 DST=74.126.6.130 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=3031 DF PROTO=TCP SPT=54392 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405B40402080A01BB124B0000000001030307) Aug 20 11:52:49 box9 dbus-daemon[584]: ** Message: No devices in use, exit Aug 20 11:52:55 localhost kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.9 DST=74.126.6.130 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=58958 DF PROTO=TCP SPT=54393 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405B40402080A01BB3D530000000001030307) Aug 20 11:52:55 localhost rstats[3474]: Problem loading /home/bobg/Ulog. Still trying... Aug 20 11:53:08 localhost kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.9 DST=74.126.6.130 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=40904 DF PROTO=TCP SPT=54394 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405B40402080A01BB68E30000000001030307)
It was my understanding that you were trying to shunt log entries sent by your "router" to a file different than /var/log/messages.
What you are showing are logs generated by your "localhost" that are created by iptables. You seem to have a rule set up to log entries with "ACCEPT" which is certain to fill up your log files.
I think your "problem" is really in your iptables setup and nothing to do with rsyslog.