It's outside the modules scope, but can we shut up "vmnet-natd"?
Opened this issue · 1 comments
Again, this is not connected to the modules per se, but still a VMWare issue. For whatever reason, "vmware-natd" spams TF outta my /var/log/syslog with RTM_NEWADDR messages:
Jul 20 19:18:25 xps-9320 vmnet-natd: RTM_NEWADDR: index:7, addr:192.168.126.189
Jul 20 19:19:03 xps-9320 vmnet-natd: RTM_NEWADDR: index:16, addr:192.168.126.122
$ gunzip --force --stdout /var/log/syslog* | fgrep vmnet-natd | cut -d: -f4- | fgrep RTM_NEWADDR | wc -l
7196
I've reported this issue (at least once) to VMWare, and never get any reply. It's also (somewhat) an issue here, but I got rid of the "sent-link" messages: #54 (comment)
Since we don't(?) have the sources for vmnet-natd, I was wondering that maybe a way to fix this is to null out the first byte of the message in the binary, so that it's a zero-length call to the syslog writer, and maybe nothing happens?
$ strings /usr/bin/vmnet-natd | fgrep RTM_NEWADDR
RTM_NEWADDR: index:%d, addr:%d.%d.%d.%d
Anyone else got any ideas on how to edit binaries?
... maybe a way to fix this is to null out the first byte of the message in the binary, so that it's a zero-length call to the syslog logger, and maybe nothing happens?
I found a way to edit binary files in "vi" ("xxd"). But the now-zero-length message didn't stop the message being sent to the syslog logger, so now I just get the syslog lines from vmnet-natd with nothing printed on them:
Jul 20 19:48:25 xps-9320 vmnet-natd:
Jul 20 20:00:37 xps-9320 vmnet-natd: message repeated 52 times: [ ]
At least the syslog line de-duplicator ("message repeated X times:") absorbs most of them, which I guess is better than nothing.
But I'd really like to figure out how to just disassemble the binary, and "comment out" the call to syslog for that message. Maybe I should start reading hacking fora :)