I use "fwbuilder" to create my rules for iptables and it uses the option
"--log-level" to the the syslog priority but there seems to be no way to set
the facility which I think must be set to "kern".

I've also commented out the "kern.* /dev/console" line in /etc/syslog.conf
which is probably why I dont get the messages you're getting.

I've got *.debug going to /var/log/messages which is where I get my iptables
messages.

my guess is it is the kernel log daemon level that is set, if you look at
klogd it has a 0c option to set the outpuit level, 4 and above go to the
console or osmething AFAIR, so setting it to -c 3 will stop it going to the
console, /etc/init.d/syslogkd may have the command line arguments for klogd
or something.

See You
Steve

Howdy,
I think its the printk settings, the defaults make it so that
some messages go to the console, which isn't really what you want. I
think it might have been something like "7 4 1 7", cat
/proc/sys/kernel/printk, to see what you current values are. You can use
sysctl to change this if you have sysctl support in the kernel. The line
I added to my sysctl.conf to stop this from happening was "kernel.printk
= 3 4 1 7". Once you add that you can just run "sysctl -p" to update
changes. Sysctl is normally run on boot, so that you will not have to
run the command each time.

The follow are from man 2 syslog, they just say what the different
levels are. The first part of printk is the log level of the console,
which should be the one you need to change.

#define KERN_EMERG "<0>" /* system is unusable */
#define KERN_ALERT "<1>" /* action must be taken immediately */
#define KERN_CRIT "<2>" /* critical conditions */
#define KERN_ERR "<3>" /* error conditions */
#define KERN_WARNING "<4>" /* warning conditions */
#define KERN_NOTICE "<5>" /* normal but significant condition */
#define KERN_INFO "<6>" /* informational */
#define KERN_DEBUG "<7>" /* debug-level messages */

Hope this helps,
David.