mkubecek / vmware-host-modules

Patches needed to build VMware (Player and Workstation) host modules against recent kernels
GNU General Public License v2.0

It's outside the modules' scope, but can we shut up "vmnet-natd"? #263

Open kennysgithub opened 2 months ago

kennysgithub commented 2 months ago

Again, this is not connected to the modules per se, but still a VMware issue. For whatever reason, "vmware-natd" spams TF outta my /var/log/syslog with RTM_NEWADDR messages:

Jul 20 19:18:25 xps-9320 vmnet-natd: RTM_NEWADDR: index:7, addr:192.168.126.189
Jul 20 19:19:03 xps-9320 vmnet-natd: RTM_NEWADDR: index:16, addr:192.168.126.122

$ gunzip --force --stdout /var/log/syslog* | fgrep vmnet-natd | cut -d: -f4- | fgrep RTM_NEWADDR  | wc -l
7196

I've reported this issue (at least once) to VMware, and never get any reply. It's also (somewhat) an issue here, but I got rid of the "sent-link" messages: https://github.com/mkubecek/vmware-host-modules/issues/54#issuecomment-1144724563

Since we don't(?) have the sources for vmnet-natd, I was wondering that maybe a way to fix this is to null out the first byte of the message in the binary, so that it's a zero-length call to the syslog writer, and maybe nothing happens?

$ strings /usr/bin/vmnet-natd | fgrep RTM_NEWADDR
RTM_NEWADDR: index:%d, addr:%d.%d.%d.%d

Anyone else got any ideas on how to edit binaries?

kennysgithub commented 2 months ago

... maybe a way to fix this is to null out the first byte of the message in the binary, so that it's a zero-length call to the syslog logger, and maybe nothing happens?

I found a way to edit binary files in "vi" ("xxd"). But the now-zero-length message didn't stop the message being sent to the syslog logger, so now I just get the syslog lines from vmnet-natd with nothing printed on them:

Jul 20 19:48:25 xps-9320 vmnet-natd:
Jul 20 20:00:37 xps-9320 vmnet-natd: message repeated 52 times: [ ]

At least the syslog line de-duplicator ("message repeated X times:") absorbs most of them, which I guess is better than nothing.

But I'd really like to figure out how to just disassemble the binary, and "comment out" the call to syslog for that message. Maybe I should start reading hacking fora :)
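
An added example, not part of the thread or of the project: a parser for the syslog lines quoted above that counts RTM_NEWADDR events per interface index and unpacks "message repeated N times" lines, which a `wc -l` line count treats as one message each. It assumes rsyslog-style repeat lines, where the wrapper stands for N further copies of the preceding message; the function names and the sample lines other than the two quoted in the first comment are constructed for illustration.

```python
import re
from collections import Counter

# Traditional syslog layout: "Mon DD HH:MM:SS host tag[pid]: message"
LINE_RE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s(?P<tag>[^:\[\s]+)(?:\[\d+\])?:\s?(?P<msg>.*)$"
)
# Repeat-reduction wrapper (assumed rsyslog format): N further copies of <inner>
REPEAT_RE = re.compile(r"^message repeated (?P<n>\d+) times: \[\s?(?P<inner>.*)\]$")
# The format string found by `strings` in the first comment
EVENT_RE = re.compile(r"^RTM_NEWADDR: index:(?P<index>\d+), addr:\d+(?:\.\d+){3}$")


def count_newaddr(lines, tag="vmnet-natd"):
    """Return (total events, {interface index: events}) for one program tag."""
    total, by_index = 0, Counter()
    for line in lines:
        m = LINE_RE.match(line.rstrip("\n"))
        if not m or m.group("tag") != tag:
            continue  # other programs, or lines that are not syslog-shaped
        msg, weight = m.group("msg").strip(), 1
        rep = REPEAT_RE.match(msg)
        if rep:  # unwrap the de-duplicated line and weight it by N
            msg, weight = rep.group("inner").strip(), int(rep.group("n"))
        ev = EVENT_RE.match(msg)
        if ev:  # blanked-out messages ("vmnet-natd:") fall through here
            total += weight
            by_index[int(ev.group("index"))] += weight
    return total, dict(by_index)


def count_lines(lines, tag="vmnet-natd"):
    """What the fgrep | wc -l pipeline measures: matching lines, not events."""
    return sum(1 for l in lines if tag in l and "RTM_NEWADDR" in l)


# Constructed sample; the first and third lines are the ones quoted in the issue.
SAMPLE = [
    "Jul 20 19:18:25 xps-9320 vmnet-natd: RTM_NEWADDR: index:7, addr:192.168.126.189",
    "Jul 20 19:18:40 xps-9320 vmnet-natd: message repeated 3 times: [ RTM_NEWADDR: index:7, addr:192.168.126.189]",
    "Jul 20 19:19:03 xps-9320 vmnet-natd: RTM_NEWADDR: index:16, addr:192.168.126.122",
    "Jul 20 19:19:10 xps-9320 cron[812]: RTM_NEWADDR: index:7, addr:10.0.0.1",
    "Jul 20 19:48:25 xps-9320 vmnet-natd:",
]

if __name__ == "__main__":
    print(count_lines(SAMPLE), count_newaddr(SAMPLE))
```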