How do I stop the firewall from logging to /var/log/messages?


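I am running OpenSUSE 11.4. The problem is that I can easily configure what to log, but I cannot configure where to log it. Currently the same logs are written to both /var/log/firewall and /var/log/messages. I still want the messages to be logged to the first, but not to the second. It is redundant and pollutes the general syslog.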

So, how do I stop the firewall from writing logs to /var/log/messages?

I have /etc/rsyslog.conf, and its contents are as follows:

##
## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules
## (provided in separate rsyslog-module-* packages) are enabled, the
## configuration can't be used on a system with /usr on a remote
## filesystem.
## [The modules are linked against libraries installed bellow of /usr
##  thus also installed in /usr/lib*/rsyslog because of this.]
##
## You can change it by adding network-remotefs to the Required-Start
## and Required-Stop LSB init tags in the /etc/init.d/syslog script.
##

#
# if you experience problems, check
# http://www.rsyslog.com/troubleshoot for assistance
# and report them at http://bugzilla.novell.com/
#

# rsyslog v3: load input modules
# If you do not load inputs, nothing happens!

$ModLoad immark.so     # provides --MARK-- message capability (every 1 hour)
$MarkMessagePeriod     3600

$ModLoad imuxsock.so   # provides support for local system logging (e.g. via logger command)
                       # reduce dupplicate log messages (last message repeated n times)
$RepeatedMsgReduction on

$ModLoad imklog.so     # kernel logging (may be also provided by /sbin/klogd),
                       # see also http://www.rsyslog.com/doc-imklog.html.
$klogConsoleLogLevel 1 # set log level 1 (same as in /etc/sysconfig/syslog).

#
# Use traditional log format by default. To change it for a single
# file, append ";RSYSLOG_TraditionalFileFormat" to the filename.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

#
# Include config generated by /etc/init.d/syslog script
# using the SYSLOGD_ADDITIONAL_SOCKET* variables in the
# /etc/sysconfig/syslog file.
#
$IncludeConfig /var/run/rsyslog/additional-log-sockets.conf

#
# Include config files, that the admin provided? :
#
$IncludeConfig /etc/rsyslog.d/*.conf

###
# print most important on tty10 and on the xconsole pipe
#
if      ( \
            /* kernel up to warning except of firewall  */ \
            ($syslogfacility-text == 'kern')      and      \
            ($syslogseverity <= 4 /* warning */ ) and not  \
            ($msg contains 'IN=' and $msg contains 'OUT=') \
        ) or ( \
            /* up to errors except of facility authpriv */ \
            ($syslogseverity <= 3 /* errors  */ ) and not  \
            ($syslogfacility-text == 'authpriv')           \
        ) \
then    /dev/tty10
&       |/dev/xconsole

# Emergency messages to everyone logged on (wall)
*.emerg                                  *

# enable this, if you want that root is informed
# immediately, e.g. of logins
#*.alert                                root

#
# firewall messages into separate file and stop their further processing
#
if      ($syslogfacility-text == 'kern') and \
        ($msg contains 'IN=' and $msg contains 'OUT=') \
then    -/var/log/firewall
&       ~

#
# acpid messages into separate file and stop their further processing
#
# => all acpid messages for debuging (uncomment if needed):
#if     ($programname == 'acpid' or $syslogtag == '[acpid]:') then \
#       -/var/log/acpid
#
# => up to notice (skip info and debug)
if      ($programname == 'acpid' or $syslogtag == '[acpid]:') and \
        ($syslogseverity <= 5 /* notice */) \
then    -/var/log/acpid
&       ~

#
# NetworkManager into separate file and stop their further processing
#
if      ($programname == 'NetworkManager') or \
        ($programname startswith 'nm-') \
then    -/var/log/NetworkManager
&       ~

#
# email-messages
#
mail.*                                  -/var/log/mail
mail.info                               -/var/log/mail.info
mail.warning                            -/var/log/mail.warn
mail.err                                 /var/log/mail.err

#
# news-messages
#
news.crit                               -/var/log/news/news.crit
news.err                                -/var/log/news/news.err
news.notice                             -/var/log/news/news.notice
# enable this, if you want to keep all news messages
# in one file
#news.*                                 -/var/log/news.all

#
# Warnings in one file
#
*.=warning;*.=err                       -/var/log/warn
*.crit                                   /var/log/warn

#
# the rest in one file
#
*.*;mail.none;news.none                 -/var/log/messages

#
# enable this, if you want to keep all messages
# in one file
#*.*                                    -/var/log/allmessages

#
# Some foreign boot scripts require local7
#
local0,local1.*                         -/var/log/localmessages
local2,local3.*                         -/var/log/localmessages
local4,local5.*                         -/var/log/localmessages
local6,local7.*                         -/var/log/localmessages

###

Answer 1

Gilles, it is no wonder you are confused. (I am not; I do not understand the syntax ;-)) This is a bug.

https://bugzilla.novell.com/show_bug.cgi?id=676041

Fortunately, it has been fixed.
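
One way to check whether firewall entries are still being duplicated into the general log, before and after applying the fix. This is an added example, not part of the original question or answer; the function names are hypothetical, the sample log lines are constructed, and matching the `kernel:` tag is an assumption standing in for the config's `kern` facility test.

```shell
#!/bin/sh
# Added example. firewall_lines, count_duplicates and make_sample are
# hypothetical helper names, not part of rsyslog or openSUSE.

# Lines the firewall rule in the rsyslog.conf above would match. In
# RSYSLOG_TraditionalFileFormat ("Mon DD HH:MM:SS host tag: msg") field 5 is
# the tag; "kernel:" stands in for ($syslogfacility-text == 'kern'), because
# the facility itself is not written to the file (assumption).
firewall_lines() {
    awk '$5 ~ /^kernel:/ && index($0, "IN=") && index($0, "OUT=")' "$1"
}

# Number of distinct firewall lines in general log $2 that also appear in
# firewall log $1. 0 means the "& ~" discard action is taking effect.
count_duplicates() {
    fw_tmp=$(mktemp) || return 1
    firewall_lines "$1" | sort -u > "$fw_tmp"
    firewall_lines "$2" | sort -u | comm -12 "$fw_tmp" - | wc -l | tr -d ' '
    rm -f "$fw_tmp"
}

# Constructed sample logs (not taken from the page): one packet line is
# duplicated into "messages", as described in the question.
make_sample() {
    cat > "$1/firewall" <<'EOF'
Mar  5 10:00:01 host1 kernel: [  100.1] SFW2-INext-DROP-DEFLT IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=23
Mar  5 10:00:02 host1 kernel: [  101.2] SFW2-INext-DROP-DEFLT IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.1 PROTO=TCP DPT=22
EOF
    cat > "$1/messages" <<'EOF'
Mar  5 10:00:01 host1 kernel: [  100.1] SFW2-INext-DROP-DEFLT IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=23
Mar  5 10:00:03 host1 sshd[123]: Accepted publickey for user from 192.0.2.50
Mar  5 10:00:04 host1 kernel: [  102.0] usb 1-1: new high-speed USB device
EOF
}

# Demo on the constructed sample; on a real host call
# count_duplicates /var/log/firewall /var/log/messages instead.
sample_dir=$(mktemp -d)
make_sample "$sample_dir"
echo "duplicated firewall lines: $(count_duplicates "$sample_dir/firewall" "$sample_dir/messages")"
rm -rf "$sample_dir"
```

Log rotation can move matching lines into different archive files, so compare files that cover the same time window.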
