Linux-Noob Forums Linux Server Administration Security and Firewalls v
clear logs in smoothwall

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode
clear logs in smoothwall
anyweb Offline
Administrator
*******
Posts: 3,631
Threads: 899
Joined: Dec 2003
Reputation: 0
#1
2005-01-02, 05:13 PM (This post was last modified: 2008-10-04, 04:08 PM by anyweb.)

create a simple script such as this

 



Code:
#!/bin/sh

#To clear the Snort logs:

echo > /var/log/snort/alert
rm -Rf /var/log/snort/*.*.*.*

#and to clear your firewall log:

echo > /var/log/messages

#To clear old Snort and firewall logs:

rm -f /var/log/messages.*
rm -f /var/log/snort/alert.*

# delete snort log dir and all files in it

rm -rf /var/log/snort

#recreate snort with correct permissions

mkdir /var/log/snort

echo > /var/log/snort/alert
echo > /var/log/snort/portscan.log

chmod 664 /var/log/snort/alert
chmod 664 /var/log/snort/portscan.log

chown -R snort:snort /var/log/snort


#restart snort
restartsnort
echo -----------------------------
ls -al /var/log/snort/
echo -----------------------------
echo Logs are all cleared.
echo if you see /var/log/snort/alert or
echo /var/log/snort/portscan.log still belonging to root then manually chown them
echo -----------------------------
echo all done.




 

then make it executable

 



Code:
chmod +x cleanup




 

then add it as a cron job if you wish or run it manually when the logs start filling up your hard disc (and they will....)

 

thats it !

cheers

 

anyweb

Find
Reply
ifykh Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Oct 2008
Reputation: 0
#2
2008-10-04, 12:31 PM

Dear Admin,

 

I want to know that can i make this script executable. I m totally new in linux. I choose smoothwall as a firewall & proxy for my LAN but I m not completely know about linux & its commands. The script u wrote is very helpful for me & hopefully others as well but kindly guide me that how can I make this script executable & set it with cron job.

 

thanx

 

ifykh

Find
Reply
anyweb Offline
Administrator
*******
Posts: 3,631
Threads: 899
Joined: Dec 2003
Reputation: 0
#3
2008-10-04, 04:07 PM

from the post above

 

make it executable

 



Code:
chmod +x cleanup




Find
Reply
Dungeon-Dave Offline
Moderator
*****
Posts: 955
Threads: 36
Joined: Sep 2008
Reputation: 0
#4
2008-10-05, 01:43 PM

An alternative is to use logrotate to truncate the logs periodically. Create a file called "snort" containing the following:



Code:
/var/log/snort/alert /var/log/portscan.log {
    missingok
    daily
    rotate 7
    notifempty
    compress
    create 0664 snort snort
}




.. then just drop that file into your /etc/logrotate.d directory.

 

Logrotate will trim the files on a daily basis, keeping the last 7 files in compressed format so you can use something like zcat /var/log/portscan.log.2.gz

 

(nb: I don't know if smoothwall has logrotate installed, but I'm guessing a quick apt-get/yum/emerge ought to do the trick)

Find
Reply
lenswipe Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: Oct 2008
Reputation: 0
#5
2008-10-26, 12:44 PM

Quote:(nb: I don't know if smoothwall has logrotate installed, but I'm guessing a quick apt-get/yum/emerge ought to do the trick)
 

 

No, smoothwall doesnt come with yum or apt-get (not sure about the other one but im guessing not)

 

The reason given from the developers is that its for security purposes to prevent users installing things like GNOME and flash. The latter of those two aparently has an exploit that allows hackers full control over the machine or something like that anyway

 

Regards

 

-L

Find
Reply
chris.delosreyes89 Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: Aug 2011
Reputation: 0
#6
2011-08-17, 07:50 AM

We have a old Smoothwall Advanced Firewall 2008 that's been sitting in the storage for 2 years now. We decided to put it again online but upon checking the logs we see that it still has the old "im proxy" logs.. We need to start and refresh the whole system without the old logs. How do we delete or remove the old "im proxy" logs? Our HDD space is a bit small and reinstalling it will require the CD of which we don't know its whereabouts.

 

Pls help..

 

many thanks..chris

Find
Reply
Dungeon-Dave Offline
Moderator
*****
Posts: 955
Threads: 36
Joined: Sep 2008
Reputation: 0
#7
2011-08-17, 10:55 AM (This post was last modified: 2011-08-17, 10:55 AM by Dungeon-Dave.)

The logs can be cleared down by just zeroing them out, eg:



Code:
> /var/log/smoothwall.log


or thereabouts.

 

If you run LogRotate, they should be rotating and clearing down logs for you.

 

What location is smoothwall writing the logfiles to?

Find
Reply
Dungeon-Dave Offline
Moderator
*****
Posts: 955
Threads: 36
Joined: Sep 2008
Reputation: 0
#8
2011-08-17, 11:00 AM
oh, another point - smoothwall is free, so you can download and burn it to another CD (or install it off USB pen, if you have ubootin)
Find
Reply
amanda63 Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: Mar 2024
Reputation: 0
#9
2024-03-10, 03:27 PM
To clear logs in Smoothwall, access the system's web interface, navigate to the "Logs" section, select the desired log type (e.g., Firewall), and use the "Clear Logs" option. Always document actions for transparency in network management.
Gb Whatsapp Pro
Website Find
Reply


Forum Jump:


Users browsing this thread: 7 Guest(s)