fw logswitch does Not rotate all Logs

BarryStiefel · #1 (**permalink**) 2005-08-13

fw logswitch does Not rotate all Logs

Unfortunately, fw logswitch does not do this.

I know that many people rotate their logs on a frequent basis. The following script could be run at some regular interval in cron. This will rotate the log files in question with a date stamp and restart fwd. The renaming of the old log files will cause fwd to write fresh logs.

On Unix-based systems, here is a script to handle this. Note these are current as of FireWall-1 4.0. FireWall-1 4.1 uses some different log files with a .elg and .aud extention. You will have to modify these scripts accordingly.

#!/bin/sh FWDIR=/etc/fw # Or wherever it's loaded DATE=`date +%Y-%m-%d.%H:%M:%S` cd $FWDIR/log mv fwd.elg fwd.${DATE}.elg mv cpmgmt.aud cpmgmt.${DATE}.aud mv mdq.elg mdq.${DATE}.elg mv polsrvd.elg polsrvd.${DATE}.elg mv netsod.elg netsod.${DATE}.elg mv sam.log sam.${DATE}.log mv aclientd.elg aclientd.${DATE}.elg mv aftpd.elg aftpd.${DATE}.elg mv ahttpd.elg ahttpd.${DATE}.elg mv ahttpdauth1.elg ahttpdauth1.${DATE}.elg mv ahttpdauth2.elg ahttpdauth2.${DATE}.elg mv arlogind.elg arlogind.${DATE}.elg mv asmtpd.elg asmtpd.${DATE}.elg mv atelnetd.elg atelnetd.${DATE}.elg $FWDIR/bin/fw kill fwd $FWDIR/bin/fwdAnd here is an NT version (written for 4.0, so you'll have to modify the log names to .elg)@ECHO OFFREM Edit below to modify fw directoryset FWDIR=C:WINNTFWfor /F "tokens=1-4 delims=/ " %%i in ('date /t') do ( set DayOfWeek=%%i set Month=%%j set Day=%%k set Year=%%l set Date=%%i %%j/%%k/%%l)cd cd %FWDIR%logren fwd.log fwd.%Year%%Month%%Day%.logren fwui.log fwui.%Year%%Month%%Day%.logren mdq.log mdq.%Year%%Month%%Day%.logren sam.log sam.%Year%%Month%%Day%.logren aclientd.log aclientd.%Year%%Month%%Day%.logren aftpd.log aftpd.%Year%%Month%%Day%.logren ahttpd.log ahttpd.%Year%%Month%%Day%.logren arlogind.log arlogind.%Year%%Month%%Day%.logren asmtpd.log asmtpd.%Year%%Month%%Day%.logrem atelnetd.log atelnetd.%Year%%Month%%Day%.log..binfw kill fwd..binfw d

-- GuyR - 06 Jan 2004

FAQForm FAQs.Class: LoggingAndAlertingFAQs FAQs.OS: FAQs.Version:

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode