> <Linux specific> > I could make that trouble happen while testing by overloading the kernel > logging facility with a dumb logger ipchains policy looking like [...] The behaviour you describe only applies to kernel-generated log messages. This is because kernel messages are put in a circular buffer for later retrivial by user space (when syslogd gets scheduled for execution). If the buffer overlaps, you loose one-buffer-worth of data. Use of a dynamic buffer for kernel messages would not be wise, as it might lead to an easy DoS attack. > (BTW, if anyone could tell me how to increase that buffer, I'm still > interested) It wouldn't really help, in my opinion: you'll loose data more rarely, but you'll loose much more data when that happens. Anyways, change LOG_BUF_LEN in kernel/printk.c. /alessandro
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:14:27 PDT