<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:΢ÈíÑźÚ
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>Do not use rsyslog. <div><br></div><div>After set "plutodebug=none" and "klipsdebug=none" in /etc/ipsec.conf, no significant change. Now <span style="font-size: 12pt;">we set </span><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125);">¡°plutostderrlog¡± to ¡°/dev/null¡± in /etc/ipsec.conf. Then no /var/log/pluto.log any more.</span></div><div><font color="#1f497d" face="Calibri, sans-serif"><span style="font-size: 14.6667px;"><br></span></font></div><div><font color="#1f497d" face="Calibri, sans-serif"><span style="font-size: 14.6667px;">But /var/log/secure is still increasing. Does anybody know how to disable it also ?</span></font></div><div><font color="#1f497d" face="Calibri, sans-serif"><span style="font-size: 14.6667px;"><br></span></font></div><div><font color="#1f497d" face="Calibri, sans-serif"><span style="font-size: 14.6667px;">Thanks </span></font></div><div><font color="#1f497d" face="Calibri, sans-serif"><span style="font-size: 14.6667px;"><br></span></font><br><div><hr id="stopSpelling">Subject: Re: [Swan] How to let pluto write little log ? We have 312 IPSec connections<br>To: earthlovepython@outlook.com; swan@lists.libreswan.org<br>From: nick@howitts.co.uk<br>Date: Wed, 23 Dec 2015 09:30:45 +0000<br><br>
That seems excessive. I am getting about 70kB/d/conn for a LAN-LAN
connection with key lives of 1h and 8h. What do you have in "conn
setup" in ipsec.conf?<br>
<br>
As a secondary question, does your system use rsyslog?<br>
<br>
Nick<br>
<br>
<div class="ecxmoz-cite-prefix">On 22/12/2015 22:46, ChenHao wrote:<br>
</div>
<blockquote cite="mid:BAY167-W73CBB899D431184D8F9AA2B2E50@phx.gbl">
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:΢ÈíÑźÚ;
}
--></style>
<div dir="ltr">
<p class="ecxMsoNormal">We have 312 IPSec connections. <span style="font-size:12pt;">Unfortunately, pluto write about
45G data every day.</span></p>
<p class="ecxMsoNormal"><span style="font-size:12pt;"><br>
</span></p>
<p class="ecxMsoNormal"><span style="font-size:12pt;">Is there any
parameter to disable the writing? I have cleared all debug
option from </span>/etc/sysconfig/pluto ?</p>
<p class="ecxMsoNormal"><br>
</p>
<p class="ecxMsoNormal">Thanks</p>
<p class="ecxMsoNormal"><br>
</p>
<p class="ecxMsoNormal">[root@pa6 log]# df -h</p>
<p class="ecxMsoNormal">Filesystem
Size Used Avail Use% Mounted on</p>
<p class="ecxMsoNormal">/dev/mapper/vg_-vg_root 30G
1.8G 27G 7% /</p>
<p class="ecxMsoNormal">devtmpfs
32G 0 32G 0% /dev</p>
<p class="ecxMsoNormal">tmpfs
32G 54M 32G 1% /dev/shm</p>
<p class="ecxMsoNormal">tmpfs
32G 3.2G 29G 10% /run</p>
<p class="ecxMsoNormal">tmpfs
32G
0 32G 0% /sys/fs/cgroup</p>
<p class="ecxMsoNormal">/dev/mapper/vg_-vg_home 9.8G 2.2G
7.1G 24% /home</p>
<p class="ecxMsoNormal">/dev/sda1
477M 82M 366M 19% /boot</p>
<p class="ecxMsoNormal">/dev/mapper/vg_-vg_temp 2.0G 6.1M
1.8G 1% /tmp</p>
<p class="ecxMsoNormal">/dev/sda2
500M 0 500M 0% /boot/efi</p>
<p class="ecxMsoNormal">/<span style="background:yellow;">dev/mapper/vg_-vg_var
113G
68G 40G 64% /var</span></p>
<p class="ecxMsoNormal">[root@pa6 log]#</p>
<p class="ecxMsoNormal"> </p>
<p class="ecxMsoNormal"> </p>
<p class="ecxMsoNormal">[root@pa6 ~]# cd /var/log</p>
<p class="ecxMsoNormal">[root@pa6 log]# ls -ltr secure*</p>
<p class="ecxMsoNormal">-rw------- 1 root root 2159190212 Dec 20
04:15
secure-20151220.gz</p>
<p class="ecxMsoNormal">-<span style="background:yellow;">rw-------
1 root root 21283501386 Dec 22 11:51 secure</span></p>
<p class="ecxMsoNormal">[root@pa6 log]# ls -lh secure</p>
<p class="ecxMsoNormal"><span style="background:yellow;">-rw-------
1 root root 20G Dec 22 11:52 secure</span></p>
<p class="ecxMsoNormal">[root@pa6 log]# ls -ltr pluto*</p>
<p class="ecxMsoNormal">-rw-r--r-- 1 root
root 1129 Dec 16 17:09
pluto.log-20151216.gz</p>
<p class="ecxMsoNormal">-rw-r--r-- 1 root
root 1129 Dec 17 03:28
pluto.log-20151217.gz</p>
<p class="ecxMsoNormal">-rw-r--r-- 1 root root 4447840 Dec
18 03:32 pluto.log-20151218.gz</p>
<p class="ecxMsoNormal">-rw-r--r-- 1 root root 648411592 Dec 19
03:28
pluto.log-20151219.gz</p>
<p class="ecxMsoNormal">-rw-r--r-- 1 root
root 0 Dec 21 03:16
pluto.log-20151220.gz</p>
<p class="ecxMsoNormal"><span style="background:yellow;">-rw-r--r--
1 root root 47953328593 Dec 22 03:46 pluto.log-20151222</span></p>
<p class="ecxMsoNormal"><span style="background:yellow;">-rw-r--r--
1 root root 47955774844 Dec 22 11:52 pluto.log</span></p>
<p class="ecxMsoNormal"> </p>
<p class="ecxMsoNormal">pluto:</p>
<p class="ecxMsoNormal">total 4</p>
<p class="ecxMsoNormal">drwx------ 2 root root 4096 Dec 16 07:53
peer</p>
<p class="ecxMsoNormal">[root@pa6 log]# ls -lh pluto.log-20151222</p>
<p class="ecxMsoNormal">-<span style="background:yellow;">rw-r--r--
1 root root 45G Dec 22 03:46 pluto.log-20151222</span></p>
<p class="ecxMsoNormal"><span style="background:yellow;"><br>
</span></p>
<p class="ecxMsoNormal"><br>
</p>
</div>
<br>
<fieldset class="ecxmimeAttachmentHeader"></fieldset>
<br>
<pre>_______________________________________________
Swan mailing list
<a class="ecxmoz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<a class="ecxmoz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan" target="_blank">https://lists.libreswan.org/mailman/listinfo/swan</a>
</pre>
</blockquote>
<br></div></div> </div></body>
</html>