MJ Ray wrote:
Laurie Brown laurie@brownowl.com writes:
certainly used to log stuff. Any ideas as to why it should stop logging?
Are you sure about those permissions? What is syslogd running as?
Those permissions are the default. Should I change them, and if so to what? Syslogd wasn't running at all!
Has it been restarted since the messages file was zero'd?
Nope, but it has been now... /sbin/init.d/syslog restart
Also, how do I force an archive and compression of a log file?
Use a log rotate script. There are several out there, including standard ones on many distributions.
There's one on SuSE, but I have no idea what it is. The default rotation is 365 days, clearly a little long for the firewall log which is already 5 meg! Why someone would try the netbios-ns port (137) on every IP address in our allotted range I'm not sure (firewalled out on every one: DENY -l), but two have...
Do we have a firewall log guru in our midst?
Cheers, Laurie.