Spirogg

Stop logging messages to console (SSH Console) kernel printk

I was getting a lot of messages like TCP blocked - UDP Blocked in my SSH console ( terminal)

Code:
Feb 11 04:05:16 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=25441 DF PROTO=UDP SPT=21844 DPT=39390 LEN=458
Feb 11 04:05:22 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:4c:5e:0c:02:7d:5a:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=171 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=5678 DPT=5678 LEN=151
Feb 11 04:05:23 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=26864 DF PROTO=UDP SPT=64971 DPT=39390 LEN=458
Feb 11 04:05:36 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=28978 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
Feb 11 04:05:36 server1 lfd[212497]: SYSLOG check [FORsKzTmb9bHZVClIIAx]
Feb 11 04:05:42 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:76:33:0e:d8:69:f8:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=165 TOS=0x00 PREC=0x00 TTL=64 ID=10713 DF PROTO=UDP SPT=54403 DPT=6771 LEN=145
Feb 11 04:05:44 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=31110 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
Feb 11 04:05:49 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:b2:ff:6b:b7:5b:81:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=5678 DPT=5678 LEN=118
Feb 11 04:05:52 server1 kernel: Firewall: UDP_IN Blocked IN=ens18 OUT= MAC=ff:ff:ff:ff:ff:ff:96:60:53:9d:9d:fa:08:00 SRC=23.xx.xx.xx DST=255.255.255.255 LEN=478 TOS=0x00 PREC=0x00 TTL=64 ID=31767 DF PROTO=UDP SPT=44882 DPT=39390 LEN=458
which was making it difficult for me to login via SSH


The log level specifies the importance of a message. The kernel decides whether to show the message immediately (printing it to the current console) depending on its log level and the current console_loglevel (a kernel variable). If the message priority is higher (lower log level value) than the console_loglevel the message will be printed to the console.

If the log level is omitted, the message is printed with KERN_DEFAULT level.
You can check the current console_loglevel with:
Code:
$ cat /proc/sys/kernel/printk
Example output:
4 4 1 7
The result shows the current, default, minimum and boot-time-default log levels.


To stop CSF or SSH Console from logging messages, you can tweak /etc/sysctl.conf and uncomment the kernel.printk = line

here is the solution:

I used nano to edit sysctl.conf file

nano /etc/sysctl.conf


# Uncomment the kernel.printk = and add 3 4 1 3 instead of another setting

( if there is no kernel.printk = then just add the line below at the bottom of /etc/sysctl.conf )

kernel.printk = 3 4 1 3

now choose ctrl and X
select Y for yes ( click enter) then Enter again

close and save.

You can then activate it without rebooting server using SSH Console or Terminal:

with this command # sysctl --system

and that's it, you wont get all those messages in your terminal so you can Login and work.
Author
Spirogg
Views
4,631
First release
Last update
Rating
0.00 star(s) 0 ratings