Why rsyslog don’t esclude iptables message from klog/dmesg?

admin

I have configured firewalld to log messages

sudo vim /etc/firewalld/firewalld.conf

LogDenied=all

then I configure rsyslog for separate logging

:msg, contains, "_DROP"       /var/log/firewalld-dropped.log
:msg, contains, "_DROP"     ~
:msg, contains, "_REJECT"       /var/log/firewalld-dropped.log
:msg, contains, "_REJECT"     ~

But after restart

systemctl restart firewalld
systemctl restart rsyslogd

dmesg show a lot of iptables messages!

I know another solution (ulogd+iptables rules), but I prefer this because is more easy and more integrated with firewalld, the question is: is possible to exclude the iptables messages from dmesg/klog?
~

Read more here: Source link