[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: ipchains logging

From: "Mikkel L. Ellertson" <mikkel Infinity-ltd com>
To: guinness-list redhat com
Subject: Re: ipchains logging
Date: Tue, 3 Oct 2000 23:00:41 -0500 (CDT)

On Tue, 3 Oct 2000, Lee Howard wrote:
> 
> Excellent help.  I'm a bit concerned, though, because the amount of
> information is a little too much.  After one day:
> 
> -rw-r--r--   1 root     root     19928490 Oct  3 20:16 ipchains
> 
> I've got a 19M file, which will be *too* big by the time it gets flushed by
> cron (if cron will flush this as-is, without me adding anything more).
> 
> I don't suppose that there's any way I can get less information from the
> ipchains logging, is there?  (Considering the nature of packet forwarding,
> I doubt that it's even a realistic option.)
> 
> Thanks.
> 
> Lee Howard
> 
It will not get rotated unless you add an entry for it.  The best place
would be in /etc/logratate.d/syslog.  Just copy one of the entries in that
file, changing the name of the log file.

As for limmiting the amount of information logged, about the only ways I
can think of are changing the logging rules of your firewall.  You may be
able to direct the information through a filter, instead of directly to a
file, but I have not tried this with syslog yet.

References:
- Re: ipchains logging
  - From: Lee Howard <faxguy@deanox.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []