So, as the previous try on getting the teamix people to fix the bloody LoadBalancer (as in sending at least an identification string for the SSH check) didn’t work so well (they told me, I should configure MASQuerading/ROUTEing on the PacketPro (which is kinda icky), I went on today and looked at what SLES10 installs as default logger.
Surprisingly they install a rather new syslog-ng (well, syslog-ng-1.6.8 is what they ship) so it was rather easy to workaround the situation.
Here’s what already was in the syslog-ng.conf.in (more on that later):
1 2 |
filter f_iptables { facility(kern) and match("IN=") and match("OUT="); }; filter f_messages { not facility(news, mail) and not filter(f_iptables) }; |
which I just extended with the following:
1 2 3 4 |
filter f_iptables { facility(kern) and match("IN=") and match("OUT="); }; filter f_messages { not facility(news, mail) and not filter(f_iptables) and not match ("Did not receive identification string from 172.16.(123|234)"); }; |
Afterwards just a quick SuSEconfig -module syslog-ng, restart the syslog daemon and the messages were gonse. Sure I know it’s a rather ugly hack 😆 , but since they refused to provide a “true” fix and it seemed like that question has been asked more than once it works for me, so *shrug* 😛
But now you’d ask why syslog-ng.conf.in ? Simply because Novell figured it would be too easy to just invent things like CONFIG_PROTECT for RPM/YaST, so they placed yet another file in there; from which the syslog-ng.conf files is generated every time SuSEconfig is being executed (that’s like every time you install a package using YaST).