|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Han (han_at_mijncomputer.nl)
Date: Tue Aug 06 2002 - 09:13:46 CDT
Jan Johansson (janj+openbsd
wenf.org) wrote:
>
> This is in my root crontab.
>
> 0 */6 * * * /usr/sbin/tcpdump -n -e -tttv -r /var/log/pflog | /usr/local/sbin/pf.pl
Don't you get the problem that some logs are not send and others are send double?
newsyslog rotates the pflog file when it is bigger than 250kb.
So now I have this crontab:
0 * * * * /usr/local/sbin/pflogsend ; /usr/bin/newsyslog
and this pflogsend:
#!/bin/sh
if [ `ls -l /var/log/pflog|awk '{ print $5}'` -ge 256000 ];then
/usr/sbin/tcpdump -e -n -tttv -r /var/log/pflog | /usr/local/sbin/pf.pl
fi
Cya, Han.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]