I was getting a lot of messages like TCP blocked - UDP Blocked in my SSH console ( terminal)
which was making it difficult for me to login via SSH
The result shows the current, default, minimum and boot-time-default log levels.
To stop CSF or SSH Console from logging messages, you can tweak
here is the solution:
I used nano to edit sysctl.conf file
# Uncomment the kernel.printk = and add 3 4 1 3 instead of another setting
( if there is no kernel.printk = then just add the line below at the bottom of /etc/sysctl.conf )
now choose ctrl and X
select Y for yes ( click enter) then Enter again
close and save.
You can then activate it without rebooting server using SSH Console or Terminal:
with this command #
and that's it, you wont get all those messages in your terminal so you can Login and work.
Code:
Feb 11 04:05:16 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=25441 DF PROTO=UDP SPT=21844 DPT=39390 LEN=458
Feb 11 04:05:22 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:4c:5e:0c:02:7d:5a:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=171 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=5678 DPT=5678 LEN=151
Feb 11 04:05:23 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=26864 DF PROTO=UDP SPT=64971 DPT=39390 LEN=458
Feb 11 04:05:36 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=28978 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
Feb 11 04:05:36 server1 lfd[212497]: SYSLOG check [FORsKzTmb9bHZVClIIAx]
Feb 11 04:05:42 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:76:33:0e:d8:69:f8:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=165 TOS=0x00 PREC=0x00 TTL=64 ID=10713 DF PROTO=UDP SPT=54403 DPT=6771 LEN=145
Feb 11 04:05:44 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=31110 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
Feb 11 04:05:49 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:b2:ff:6b:b7:5b:81:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=5678 DPT=5678 LEN=118
Feb 11 04:05:52 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=31767 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
You can check the current console_loglevel with:
Code:
$ cat /proc/sys/kernel/printk
Example output:
4 4 1 7
To stop CSF or SSH Console from logging messages, you can tweak
/etc/sysctl.conf
and uncomment the kernel.printk =
linehere is the solution:
I used nano to edit sysctl.conf file
nano /etc/sysctl.conf
# Uncomment the kernel.printk = and add 3 4 1 3 instead of another setting
( if there is no kernel.printk = then just add the line below at the bottom of /etc/sysctl.conf )
kernel.printk = 3 4 1 3
now choose ctrl and X
select Y for yes ( click enter) then Enter again
close and save.
You can then activate it without rebooting server using SSH Console or Terminal:
with this command #
sysctl --system
and that's it, you wont get all those messages in your terminal so you can Login and work.