On another thread, I had to dive into /var/log/messages, and I
realized that it was not being rotated. It's 32 megabytes+, most of
which is iptables reject messages for Facebook trackers. What do I need
to do to get log rotation working?
/etc/logrotate.conf
########################################################################
#
# Default logrotate(8) configuration file for Gentoo Linux.
# See "man logrotate" for details.
# rotate log files weekly.
weekly
#daily
# keep 4 weeks worth of backlogs.
rotate 4
# create new (empty) log files after rotating old ones.
create
# use date as a suffix of the rotated file.
dateext
# compress rotated log files.
compress
notifempty
nomail
noolddir
# packages can drop log rotation information into this directory.
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here.
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
########################################################################
/etc/logrotate.d contains...
dcron elog-save-summary hibernate-script openrc rsyncd syslog-ng
########################################################################
And maybe either stop logging Facebook, or else log iptables messages
to a separate file (how is that done?). The Facebook tracker messages
are generated by iptables rules...
-A INPUT -s 31.13.24.0/21 -j FECESBOOK
-A INPUT -s 31.13.64.0/18 -j FECESBOOK
-A INPUT -s 66.220.144.0/20 -j FECESBOOK
-A INPUT -s 69.63.176.0/20 -j FECESBOOK
-A INPUT -s 69.171.224.0/19 -j FECESBOOK
-A INPUT -s 74.119.76.0/22 -j FECESBOOK
-A INPUT -s 103.4.96.0/22 -j FECESBOOK
-A INPUT -s 173.252.64.0/18 -j FECESBOOK
-A INPUT -s 204.15.20.0/22 -j FECESBOOK
-A OUTPUT -d 31.13.24.0/21 -j FECESBOOK
-A OUTPUT -d 31.13.64.0/18 -j FECESBOOK
-A OUTPUT -d 66.220.144.0/20 -j FECESBOOK
-A OUTPUT -d 69.63.176.0/20 -j FECESBOOK
-A OUTPUT -d 69.171.224.0/19 -j FECESBOOK
-A OUTPUT -d 74.119.76.0/22 -j FECESBOOK
-A OUTPUT -d 103.4.96.0/22 -j FECESBOOK
-A OUTPUT -d 173.252.64.0/18 -j FECESBOOK
-A OUTPUT -d 204.15.20.0/22 -j FECESBOOK
-A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
-A FECESBOOK -j REJECT --reject-with icmp-port-unreachable
--
Walter Dnes <waltdnes@waltdnes.org>
I don't run "desktop environments"; I run useful applications
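
A quick check of whether any logrotate stanza names /var/log/messages at all, as an added example that is not part of the original post. The drop-in text stands in for /etc/logrotate.d/syslog-ng, whose contents the post does not show, and fnmatch only approximates logrotate's glob matching.

```python
import fnmatch
import shlex

SCRIPT_DIRECTIVES = {"prerotate", "postrotate", "firstaction", "lastaction", "preremove"}

# Constructed sample input: the posted main config (trimmed) and a
# hypothetical drop-in; neither is read from a live system.
MAIN_CONF = """\
weekly
include /etc/logrotate.d
/var/log/wtmp {
    monthly
}
/var/log/btmp {
    missingok
}
"""
DROPIN_SYSLOG_NG = """\
/var/log/messages /var/log/kern.log {
    sharedscripts
    postrotate
        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
    endscript
}
"""

def stanza_patterns(conf_text):
    """Return every path pattern that opens a 'pattern ... {' stanza."""
    patterns, depth, in_script = [], 0, False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if in_script:                      # skip shell lines until endscript
            in_script = line != "endscript"
            continue
        if depth and line.split()[0] in SCRIPT_DIRECTIVES:
            in_script = True
        elif depth == 0 and line.endswith("{"):
            patterns += shlex.split(line[:-1])
            depth = 1
        elif line == "}":
            depth = 0
    return patterns

def covered(path, *conf_texts):
    """True if any stanza pattern in the given config texts matches path."""
    return any(fnmatch.fnmatch(path, p)
               for text in conf_texts for p in stanza_patterns(text))
```

On a live system, `logrotate -d /etc/logrotate.conf` does a dry run and prints which files it would rotate without changing anything.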