[gentoo-user] Rationalizing log files

Walter Dnes Thu, 13 May 2021 00:58:34 -0700

  On another thread, I had to dive into into /var/log/messages, and I
realized that it was not being rotated.  It's 32 megabytes+, most of
which is iptables reject messages for Facebook trackers.  What do I need
to do to get log rotation working?


/etc/logrotate.conf

########################################################################

#
# Default logrotate(8) configuration file for Gentoo Linux.
# See "man logrotate" for details.

# rotate log files weekly.
weekly
#daily

# keep 4 weeks worth of backlogs.
rotate 4

# create new (empty) log files after rotating old ones.
create

# use date as a suffix of the rotated file.
dateext

# compress rotated log files.
compress

notifempty
nomail
noolddir

# packages can drop log rotation information into this directory.
include /etc/logrotate.d

# no packages own wtmp and btmp -- we'll rotate them here.
/var/log/wtmp {
    monthly
    create 0664 root utmp
    minsize 1M
    rotate 1
}
/var/log/btmp {
    missingok
    monthly
    create 0600 root utmp
    rotate 1
}

# system-specific logs may be also be configured here.

########################################################################

  /etc/logrotate.d contains...
dcron  elog-save-summary  hibernate-script  openrc  rsyncd  syslog-ng

########################################################################

  And maybe either stop logging Facebook, or else log iptables messages
to a separate file (how is that done?).  The Facebook tracker messages
are generated by iptables rules...

-A INPUT -s 31.13.24.0/21 -j FECESBOOK
-A INPUT -s 31.13.64.0/18 -j FECESBOOK
-A INPUT -s 66.220.144.0/20 -j FECESBOOK
-A INPUT -s 69.63.176.0/20 -j FECESBOOK
-A INPUT -s 69.171.224.0/19 -j FECESBOOK
-A INPUT -s 74.119.76.0/22 -j FECESBOOK
-A INPUT -s 103.4.96.0/22 -j FECESBOOK
-A INPUT -s 173.252.64.0/18 -j FECESBOOK
-A INPUT -s 204.15.20.0/22 -j FECESBOOK

-A OUTPUT -d 31.13.24.0/21 -j FECESBOOK
-A OUTPUT -d 31.13.64.0/18 -j FECESBOOK
-A OUTPUT -d 66.220.144.0/20 -j FECESBOOK
-A OUTPUT -d 69.63.176.0/20 -j FECESBOOK
-A OUTPUT -d 69.171.224.0/19 -j FECESBOOK
-A OUTPUT -d 74.119.76.0/22 -j FECESBOOK
-A OUTPUT -d 103.4.96.0/22 -j FECESBOOK
-A OUTPUT -d 173.252.64.0/18 -j FECESBOOK
-A OUTPUT -d 204.15.20.0/22 -j FECESBOOK

-A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
-A FECESBOOK -j REJECT --reject-with icmp-port-unreachable

-- 
Walter Dnes <waltd...@waltdnes.org>
I don't run "desktop environments"; I run useful applications

[gentoo-user] Rationalizing log files

Reply via email to