thr3ads.net - Shorewall users - logrotate configs for Shorewall [Jul 2012]

If this information is useful, please help other people find it:
Share via:

alex

2012-Jul-24 08:37 UTC

logrotate configs for Shorewall

Hello,
   During Shorewall/Shorewall6 installation the following files are
installed:

/etc/logrotate.d/shorewall:

/var/log/shorewall-init.log {
  missingok
  notifempty
  create 0600 root root
}

/etc/logrotate.d/shorewall6:

/var/log/shorewall6-init.log {
  missingok
  notifempty
  create 0600 root root
}

/etc/logrotate.d/shorewall-init:

/var/log/shorewall-ifupdown.log {
  missingok
  notifempty
  create 0600 root root
}


    I think they look a bit strange. I suggest next variant:

/etc/logrotate.d/shorewall:

/var/log/shorewall.log {
    missingok
    notifempty
    create 0600 root root
    size 10M
    compress
    rotate 10
}

/etc/logrotate.d/shorewall6:

/var/log/shorewall6.log {
    missingok
    notifempty
    create 0600 root root
    size 10M
    compress
    rotate 10
}

/etc/logrotate.d/shorewall-init:

/var/log/shorewall-init.log {
  missingok
  notifempty
  create 0600 root root
}

/var/log/shorewall-ifupdown.log {
  missingok
  notifempty
  create 0600 root root
}


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

Simon Matter

2012-Jul-24 08:53 UTC

head link

Re: logrotate configs for Shorewall

>    Hello,
>    During Shorewall/Shorewall6 installation the following files are
> installed:
>
> /etc/logrotate.d/shorewall:
>
> /var/log/shorewall-init.log {
>   missingok
>   notifempty
>   create 0600 root root
> }
>
> /etc/logrotate.d/shorewall6:
>
> /var/log/shorewall6-init.log {
>   missingok
>   notifempty
>   create 0600 root root
> }
>
> /etc/logrotate.d/shorewall-init:
>
> /var/log/shorewall-ifupdown.log {
>   missingok
>   notifempty
>   create 0600 root root
> }
>
>
>     I think they look a bit strange. I suggest next variant:
>
> /etc/logrotate.d/shorewall:
>
> /var/log/shorewall.log {
>     missingok
>     notifempty
>     create 0600 root root
>     size 10M
>     compress
>     rotate 10
> }
I''m not sure what kind of distribution you''re using but on my
RHEL those
files would look quite non standard. I suggest to not change them :)

Regards,
Simon


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

alex

2012-Jul-24 10:42 UTC

head link

Re: logrotate configs for Shorewall

Excuse me, please, I forgot that I filter all Shorewall messages to
separate log file (in separate directory) and therefore I need special
tuning for log rotating.
I use FC17.


2012/7/24 Simon Matter <simon.matter@invoca.ch>
> >    Hello,
> >    During Shorewall/Shorewall6 installation the following files are
> > installed:
> >
> > /etc/logrotate.d/shorewall:
> >
> > /var/log/shorewall-init.log {
> >   missingok
> >   notifempty
> >   create 0600 root root
> > }
> >
> > /etc/logrotate.d/shorewall6:
> >
> > /var/log/shorewall6-init.log {
> >   missingok
> >   notifempty
> >   create 0600 root root
> > }
> >
> > /etc/logrotate.d/shorewall-init:
> >
> > /var/log/shorewall-ifupdown.log {
> >   missingok
> >   notifempty
> >   create 0600 root root
> > }
> >
> >
> >     I think they look a bit strange. I suggest next variant:
> >
> > /etc/logrotate.d/shorewall:
> >
> > /var/log/shorewall.log {
> >     missingok
> >     notifempty
> >     create 0600 root root
> >     size 10M
> >     compress
> >     rotate 10
> > }
>
> I''m not sure what kind of distribution you''re using but
on my RHEL those
> files would look quite non standard. I suggest to not change them :)
>
> Regards,
> Simon
>
>
>
>
------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today''s security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

Shorewall users - Jul 2012 - logrotate configs for Shorewall

logrotate configs for Shorewall

Re: logrotate configs for Shorewall

Re: logrotate configs for Shorewall