Re: huge log files

[The Benzes <thebenzes@comcast.net>]

Claudio,

I was just trying to track down the exact same problem you're having, and happened across your post while Googling for solutions.  I finally sorted it out on my system (which is running Mandrake 10 with a shorewall).  I was goofing around in Webmin (which I highly recommend as a management tool for your system), but couldn't find anything in the Shorewall configuration module that seemed to affect the production of these BANDWIDTH_IN and BANDWIDTH_OUT messages.  However, poking around some more, I happened across a Bandwidth Monitoring module - opening it up, I realized I must have turned it on at some point, and never turned it off.  This was the cause of these BANDWIDTH messages filling up my logs - every single packet of any kind was being logged by the bandwidth module.

To be honest, once this solved my problem I didn't investigate further to see what config files were actually specifying the bandwidth tracking... but it should be pretty easy to sort out by Googling a bit for info about the Bandwidth Monitoring module - should point you to the right config files.

Regards,

-Zach

Hello

i just install sarge on a amd K6 400 mhz which run as a firewall and router (shorewall) for some reason the debug, syslog, kern and bandwidth file in /var/log are growing fast and too much (all toghether them reach 4.5 Gb in 1 day)

i dont know what is trilling them so any help will be welcome.

i add her a few lines from syslog (but the others files are more of the same)

thnax in advance

Claudio

Jun 8 17:40:52 localhost kernel: BANDWIDTH_IN:IN=eth0 OUT= MAC=00:01:02:e1:b3:63:00:0f:34:7c:3d:84:08:00 SRC="" DST=172.21.183.241 LEN=1480 TOS=0x00 PREC=0x00 TTL=251 ID=1104 PROTO=47

Jun 8 17:40:52 localhost kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC="" DST=212.199.26.28 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=65310 DF PROTO=47