fwanalog never exiting
Hi,
I have been keeping a close eye on one of my systems as it locked up a few
days ago. This particular machine runs fwanalog as a cron job. I get a daily
email fine but I have noticed what to my mind seems to be bad behaviour by
the cron job.
The job itself runs are midnight IIRC but at 10 am the next morning it seems
to still be running:
machine:/var/log/fwanalog# ps axf | grep fwana
29228 pts/4 S+ 0:00 | \_ grep fwana
23856 ? Ss 0:00 \_ /bin/sh -c test -x /usr/lib/fwanalog/cron
&& /usr/lib/fwanalog/cron 2> /dev/null
23857 ? S 0:00 \_ /bin/sh -e /usr/lib/fwanalog/cron
24002 ? S 0:00 \_ su fwanalog -c
nice /usr/bin/fwanalog
24006 ? SN 0:00 \_ /bin/sh /usr/bin/fwanalog
24008 ? SN 0:00 \_ /bin/sh /usr/bin/fwanalog
24110 ? SN 7:50 \_ analog -G
+g/usr/share/fwanalog/fwanalog.analog.conf +V+C
-COUTFILE /var/log/fwanalog/alldates.html
+g/var/log/fwanalog/fwanalog.analog.conf.gen
Is this normal behaviour?
The instance of analog that is started by this is also consuming around 10% of
the systems memory and a little (<10%) of the CPU time every now and then.
This doesn't feel right to me. I expected the process to run once at night
and then stop not run all the time. Is the base process maybe failing to kill
it's children?
I don't get much in the way of attacks (around 1500 firewall blocks a day) so
it's not like the job would still be running.
Thanks,
Graham
Reply to: