Gentoo Archives: gentoo-user

From: Walter Dnes <waltdnes@××××××××.org>
To: Gentoo Users List <gentoo-user@l.g.o>
Subject: [gentoo-user] Rationalizing log files
Date: Thu, 13 May 2021 07:58:31
Message-Id: YJzcKMVQhWTvImZU@waltdnes.org
1 On another thread, I had to dive into into /var/log/messages, and I
2 realized that it was not being rotated. It's 32 megabytes+, most of
3 which is iptables reject messages for Facebook trackers. What do I need
4 to do to get log rotation working?
5
6 /etc/logrotate.conf
7
8 ########################################################################
9
10 #
11 # Default logrotate(8) configuration file for Gentoo Linux.
12 # See "man logrotate" for details.
13
14 # rotate log files weekly.
15 weekly
16 #daily
17
18 # keep 4 weeks worth of backlogs.
19 rotate 4
20
21 # create new (empty) log files after rotating old ones.
22 create
23
24 # use date as a suffix of the rotated file.
25 dateext
26
27 # compress rotated log files.
28 compress
29
30 notifempty
31 nomail
32 noolddir
33
34 # packages can drop log rotation information into this directory.
35 include /etc/logrotate.d
36
37 # no packages own wtmp and btmp -- we'll rotate them here.
38 /var/log/wtmp {
39 monthly
40 create 0664 root utmp
41 minsize 1M
42 rotate 1
43 }
44 /var/log/btmp {
45 missingok
46 monthly
47 create 0600 root utmp
48 rotate 1
49 }
50
51 # system-specific logs may be also be configured here.
52
53 ########################################################################
54
55 /etc/logrotate.d contains...
56 dcron elog-save-summary hibernate-script openrc rsyncd syslog-ng
57
58 ########################################################################
59
60 And maybe either stop logging Facebook, or else log iptables messages
61 to a separate file (how is that done?). The Facebook tracker messages
62 are generated by iptables rules...
63
64 -A INPUT -s 31.13.24.0/21 -j FECESBOOK
65 -A INPUT -s 31.13.64.0/18 -j FECESBOOK
66 -A INPUT -s 66.220.144.0/20 -j FECESBOOK
67 -A INPUT -s 69.63.176.0/20 -j FECESBOOK
68 -A INPUT -s 69.171.224.0/19 -j FECESBOOK
69 -A INPUT -s 74.119.76.0/22 -j FECESBOOK
70 -A INPUT -s 103.4.96.0/22 -j FECESBOOK
71 -A INPUT -s 173.252.64.0/18 -j FECESBOOK
72 -A INPUT -s 204.15.20.0/22 -j FECESBOOK
73
74 -A OUTPUT -d 31.13.24.0/21 -j FECESBOOK
75 -A OUTPUT -d 31.13.64.0/18 -j FECESBOOK
76 -A OUTPUT -d 66.220.144.0/20 -j FECESBOOK
77 -A OUTPUT -d 69.63.176.0/20 -j FECESBOOK
78 -A OUTPUT -d 69.171.224.0/19 -j FECESBOOK
79 -A OUTPUT -d 74.119.76.0/22 -j FECESBOOK
80 -A OUTPUT -d 103.4.96.0/22 -j FECESBOOK
81 -A OUTPUT -d 173.252.64.0/18 -j FECESBOOK
82 -A OUTPUT -d 204.15.20.0/22 -j FECESBOOK
83
84 -A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
85 -A FECESBOOK -j REJECT --reject-with icmp-port-unreachable
86
87 --
88 Walter Dnes <waltdnes@××××××××.org>
89 I don't run "desktop environments"; I run useful applications

Replies

Subject Author
Re: [gentoo-user] Rationalizing log files Dale <rdalek1967@×××××.com>
Re: [gentoo-user] Rationalizing log files Mark Knecht <markknecht@×××××.com>
Re: [gentoo-user] Rationalizing log files David Haller <gentoo@×××××××.de>