-
Notifications
You must be signed in to change notification settings - Fork 589
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pfSense-pkg-suricata: Better log cleanup #389
Conversation
First cleans up rotated logs, then stop if it has cleaned up enough. Also cleanup eve.json logs. It then goes on to clean more in stages. Leave cleanup of log.pcap.* to suricata_post_delete_logs(). See https://redmine.pfsense.org/issues/7756
I tried to sign the CLA, but https://portal.pfsense.org/ uses an insecure SSL protocol (TLS 1.0) and my company's proxy refuses to connect to it. |
@opoplawski: Renato: Bill |
Before this pull request can be accepted you must first sign a CLA as described at https://www.pfsense.org/about-pfsense/#cla. Please read for more details. |
@opoplawski can you try again to sign CLA? |
I am working on an update to the Suricata GUI package to incorporate the 4.0.0 version of the binary. I can include the changes in this pull request in that 4.0.0 update of the GUI package if @opoplawski is unable to sign the CLA. Bill |
@bmeeks8 please so that. I'm closing this one then. Thank you! |
I've signed the CLA now. |
Just saw your note. I've already merged your changes from Pull Request 389 into the update I am doing for the 4.0.0 Suricata binary update. Are you OK with letting your updates come in with my 4.0.0 update? I will be sure to give you credit for the log rotation changes in the release notes I will post on the pfSense forum. Bill |
I think so. Is there an ETA on that? |
I am working on it now. Expected to post the PR within a day or two at the most. Bill |
* The cp1252 encoding is used when charset is "latin1". (#390) * The auth_plugin option is added. (#389) * charset option is passed to mysql_options(mysql, MYSQL_SET_CHARSET_NAME, charset) before mysql_real_connect is called. This avoid extra SET NAMES <charset> query when creating connection. * --static build supports libmariadbclient.a * Try mariadb_config when mysql_config is not found * Fixed warning happend in Python 3.8 (#359) * Fixed SEGV MySQLdb.escape_string("1") when libmariadb is used and no connection is created. (#367) * Fixed many circular references are created in Cursor.executemany(). (#375) PR: 243076 Submitted by: fluffy Approved by: maintainer timeout (>1w)
ChangeLog: https://invisible-island.net/vile/CHANGES.html * modify configure script to check validity of $IMAKE_LOADFLAGS * modify curses driver to work around configurations of ncurses where the SIGWINCH handler has been disabled. * modify vl_get_encoding() to allow for nl_langinfo(CODESET) returning an empty string, recover from this error using checks on the locale variable (report by David Snyder). * updated wcwidth.c, from xterm #389 * modify spec-file to work around a bug in make 4.4.1 * reduce compiler-warnings in configure script checks. * disallow newline in quoted string in ini filter. * adjust dlsym lookup to account for special case of define_key, to avoid conflict with ncurses. * fix mandoc warnings in vile.1 * fix a use-after-free in parse_nondirective() due to free() in the actual_color() function of key-filt.c * change VIDEO_TEXT type to "unsigned", allowing display of Unicode values past BMP for drivers which support this. * modify curses configuration to handle ncurses KEY_RESIZE (prompted by discussion with Sebastian Neuper). * fix typo in cross-compile check in CF_KILLPG macro (Debian #1029956) * update config.guess, config.sub PR: 276621 Reported by: dickey@invisible-island.net (maintainer)
PRhangeLog: https://invisible-island.net/vile/CHANGES.html * modify configure script to check validity of $IMAKE_LOADFLAGS * modify curses driver to work around configurations of ncurses where the SIGWINCH handler has been disabled. * modify vl_get_encoding() to allow for nl_langinfo(CODESET) returning an empty string, recover from this error using checks on the locale variable (report by David Snyder). * updated wcwidth.c, from xterm #389 * modify spec-file to work around a bug in make 4.4.1 * reduce compiler-warnings in configure script checks. * disallow newline in quoted string in ini filter. * adjust dlsym lookup to account for special case of define_key, to avoid conflict with ncurses. * fix mandoc warnings in vile.1 * fix a use-after-free in parse_nondirective() due to free() in the actual_color() function of key-filt.c * change VIDEO_TEXT type to "unsigned", allowing display of Unicode values past BMP for drivers which support this. * modify curses configuration to handle ncurses KEY_RESIZE (prompted by discussion with Sebastian Neuper). * fix typo in cross-compile check in CF_KILLPG macro (Debian #1029956) * update config.guess, config.sub Reported by: dickey@invisible-island.net (maintainer)
First cleans up rotated logs, then stop if it has cleaned up enough.
Also cleanup eve.json logs.
It then goes on to clean more in stages.
Leave cleanup of log.pcap.* to suricata_post_delete_logs().
See https://redmine.pfsense.org/issues/7756
This should also supersede pull #387