FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 10-25-2011, 08:12 PM
Mike Wohlgemuth
 
Default fail2ban vs. logrotate

On 10/25/2011 11:12 AM, Mikkel L. Ellertson wrote:
> It looks like you would have to modify the syslog logrotate script
> and add a second command in the postrotate section after it restarts
> syslogd. Does fail2ban accept a SIGHUP to close and reopen the log file?
>
>
That was my first thought, but I don't see any way to get fail2ban to
reopen the log file without also forgetting the current ban list.

Thanks
Mike
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-25-2011, 08:25 PM
Tom Rivers
 
Default fail2ban vs. logrotate

On 10/25/2011 4:12 PM, Mike Wohlgemuth wrote:
> On 10/25/2011 11:12 AM, Mikkel L. Ellertson wrote:
>> It looks like you would have to modify the syslog logrotate script
>> and add a second command in the postrotate section after it restarts
>> syslogd. Does fail2ban accept a SIGHUP to close and reopen the log file?
> That was my first thought, but I don't see any way to get fail2ban to
> reopen the log file without also forgetting the current ban list.

For what it's worth, I have been using fail2ban and logrotate together
in a vanilla configuration for some time now and have never experienced
this problem. Right now it is running without incident on RHEL 5.7 and
F14. Are you sure you didn't tweak something, either on purpose or by
accident, when you configured things? If you haven't, then perhaps
something has changed and that is why it no longer works as expected.


Tom
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-25-2011, 09:54 PM
Tim
 
Default fail2ban vs. logrotate

On Tue, 2011-10-25 at 16:12 -0400, Mike Wohlgemuth wrote:
> I don't see any way to get fail2ban to reopen the log file without
> also forgetting the current ban list.

As I recall, it's supposed to make temporary bans. So does it really
need to keep a ban list forever? You'd be banning things that gave up
long ago. And things that keep on hammering away would auto-ban
themselves quickly enough, again, anyway.

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 01:30 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org