DNS filter - limit reports and logs

32 views
Skip to first unread message

Mark Williams

unread,
Oct 11, 2021, 9:18:36 AM10/11/21
to Diladele Web Safety
We use Web safety for the main network but ive stopped using web safety for our guest WIFI - the dnssafety and a firewall blocking other DNS is good enough for the guests.

However, I havent found a way to limit reports/logs, they seems to just grow (they just filled a 40gb partition in a few months without me noticing.

In websafety I can limit the logs etc but I cannot figure out how to do this in dnssafety.  Id rather not go into cron scripting if I can help it.

rafael....@diladele.com

unread,
Oct 11, 2021, 12:49:47 PM10/11/21
to Diladele Web Safety
I am afraid log rotation is not implemented. I have added the issue but have no idea when we decide to revive the project.

Best regards,
Raf

Mark Williams

unread,
Oct 12, 2021, 7:11:48 AM10/12/21
to Diladele Web Safety
no problem weekly cron script it is!  Does this mean that dnssafety is discontinued?

pcl...@gmail.com

unread,
Oct 12, 2021, 7:53:46 AM10/12/21
to Diladele Web Safety
yeah, please don't neglect it.... I love DNS Safety!

rafael....@diladele.com

unread,
Oct 12, 2021, 7:59:38 AM10/12/21
to Diladele Web Safety
We call it postponed, not discontinued. Will try to work on it after Web Safety 7.7 comes out in December.
If you know already what needs to be added, do not hesitate to add an issue at https://github.com/diladele/dnssafety/issues/new

Best regards,
Raf

Mark Williams

unread,
Dec 8, 2021, 3:48:56 AM12/8/21
to Diladele Web Safety
Just a follow up to this for anyone else needing to rotate both logs and prune old reports.  I did create a BASH script to prune the reports but they kept coming back.  Long story short, you have "sort of" implemented log rotation.  There are two parts to the log rotation, one is the actual "access.log" containing the raw data and one is the "reports" pages that have the HTML.  

I had a cron.weekly script that pruned the older reports pages:

daysToKeep=30
minKeepEpoch=$(date --date "$daysToKeep days ago" +%s)

for dir in /opt/dnssafety-ui/var/reports/*; do
    dirName=${dir##*/}
    dirEpoch=$(date --date ${dirName//./} +%s)
  (( dirEpoch <= minKeepEpoch )) && rm -rf $dir
done

That works for 30 days worth of reports. However!  These reports will keep coming back due to the cron.daily dnssafety_report script that looks through /opt/dnssafety/var/log/ and collects data.  So I looked at writing a quick script to prune the access.log  It turns out that after writing the script and putting it in  /etc/logrotate.d I didnt have to! You have already written a rotation script:

/etc/logrotate.d/dnssafety

This was set to 367 days inside the code (and there doesnt seem to be a UI link to change this), I simply needed to change the setting to 30 days.  Now I have 47gb recovered in logs so this VM can carry on a little while longer.

Still, I dont think this rotation prunes the reports directory; only the access.log so I would have needed my first script anyway....
Reply all
Reply to author
Forward
0 new messages