Re: ipmon log rotation

Hello!

> I've got ipfilter running on fbsd 5.1. In my rc.conf file i have:
> ipmon_flags="-Davn /var/log/firewall.log"
> then i followed the ipmon example for log rotation given in the rc.conf man
> page and added the following one line to /etc/newsyslog.conf:
> /var/log/firewall.log 600 3 100 * Z /var/run/ipmon.pid
> I'm having two problems, firstly, the log is in fact being written but when
> newsyslog rotates the log file ipmon continues to write to firewall.log.0
> which i am assuming is the previous log file and the new log fille,
> firewall.log has only that newsyslog rotated it. The second problem and this
> might be related to the first is that newsyslog is not compressing these
> logs.

FWIW, here's how I do it on my FreeBSD 4.x machines

in rc.conf:

ipmon_flags=-sD

in syslog.conf:
local0.* /var/log/ipfilter

Also in syslog.conf, append 'local0.none' to the facilities logged to
/var/log/messages, to avoid duplicating ipmon messages.

in newsyslog.conf
/var/log/ipfilter 600 5 * 168 Z

I don't know why your way doesn't work (maybe ipmon isn't designed to
re-open its logfile on SIGHUP?), but this one certainly does.
--
Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/
* I take my wife everywhere, but she keeps finding her way back.