Enhancement #2541

Rotate firewall.log

Added by Davide Principi almost 6 years ago. Updated almost 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-firewall-base
Target version:v6.5-rc1
Resolution: NEEDINFO:No

Description

Add logrotate configuration for /var/log/firewall.log

Associated revisions

Revision a7ab8ba9
Added by Giacomo Sanchietti almost 6 years ago

logrotate: rotate firewall.log Refs #2541

Use copytruncate to avoid rsyslogd restart.

History

#1 Updated by Filippo Carletti almost 6 years ago

  • Target version changed from ~FUTURE to v6.5-rc1

#2 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60
Implemented with following options:
  • copytruncate to avoid rsyslogd restart
  • compress to save space (firewall.log can be very verbose)

#4 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Packages in nethserver-testing:
  • nethserver-shorewall-1.0.3-1.0gita7ab8ba9.ns6.noarch.rpm
Test case
  • Check /var/log/firewall.log is rotated and rsyslogd can still write on the original file

#5 Updated by Davide Principi almost 6 years ago

  • Assignee set to Davide Principi

#6 Updated by Davide Principi almost 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

VERIFIED

  • Port 44 is closed: generate some log messages from a remote machine on the LAN:
       #  for T in 1 2 3 4 5; do nc davidep3 44; done
    
  • Rotate logs and generate messages again:
       # logrotate  -f /etc/logrotate.conf
    [generate messages as explained above]
       # ll /var/log/firewall.log*
    -rw-------. 1 root root 1267 Feb 25 11:25 /var/log/firewall.log
    -rw-------. 1 root root  271 Feb 25 11:25 /var/log/firewall.log-20140225.gz
    

#7 Updated by Davide Principi almost 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

#8 Updated by Davide Principi almost 6 years ago

In nethserver-updates:
nethserver-release-6.5-4.ns6.rc1.noarch.rpm
nethserver-devbox-1.4.0-1.ns6.noarch.rpm
nethserver-backup-data-1.0.9-1.ns6.noarch.rpm
nethserver-base-2.1.0-1.ns6.noarch.rpm
nethserver-directory-2.0.1-1.ns6.noarch.rpm
nethserver-firewall-base-1.1.0-1.ns6.noarch.rpm
nethserver-hosts-1.0.7-1.ns6.noarch.rpm
nethserver-httpd-2.3.0-1.ns6.noarch.rpm
nethserver-httpd-admin-1.2.1-1.ns6.noarch.rpm
nethserver-hylafax-1.0.5-1.ns6.noarch.rpm
nethserver-ibays-2.0.3-1.ns6.noarch.rpm
nethserver-lib-2.0.1-1.ns6.noarch.rpm
nethserver-mail-server-1.6.1-1.ns6.noarch.rpm
nethserver-nethgui-1.4.0-1.ns6.noarch.rpm
nethserver-ntopng-1.1.2-1.ns6.noarch.rpm
nethserver-nut-1.0.7-1.ns6.noarch.rpm
nethserver-openssh-1.0.5-1.ns6.noarch.rpm
nethserver-roundcubemail-0.0.2-1.ns6.noarch.rpm
nethserver-samba-1.4.2-1.ns6.noarch.rpm
nethserver-shorewall-1.0.4-1.ns6.noarch.rpm
nethserver-sogo-thunderbird-1.1.1-1.ns6.noarch.rpm
nethserver-vpn-1.1.2-1.ns6.noarch.rpm
sogo-frontends-1.3.0-1.ns6.noarch.rpm

Also available in: Atom PDF