[BlueOnyx:03585] Re: cmuImport

JW Simpson john at swajime.com
Sat Feb 13 16:31:06 -05 2010 

On Sun, 2009-04-19 at 13:31 -0400, Michael Stauber wrote:
> Hi Tony,
> 
>> I have Webmin 1.470 installed on my BO box (latest updates) and I used
>> Webmin to create some firewall rules but they keep getting overwritten
>> during the night and reverting to a base 'allow all' set.
>>
>> I am very new to BO and Linux so I am struggling to find out what
>> rewrites
>> the rules.
> 
> It's this cronjob that resets the iptables rules:
> 
> /etc/cron.hourly/log_traffic
> 
> It's used to set up traffic accounting. If you want to use your own
> iptables
> rules, you can simply delete that cronjob. No harm done there.
> 
> -- 
> With best regards
> 
> Michael Stauber

I've run into this same issue.

Looking at the code, it appears to me that the whole point of the chains
acctin and acctout is to keep the "accounting" process from mutilating
the INPUT and OUTPUT chains?

The statement "Every hour the cron script /etc/cron.hourly/log_traffic
produces log entries which are interpreted ones a night
by /etc/cron.daily/logrotate which calls analog." that I found at
http://www.kaffeesud.org/index.php?id=28 makes me think that I need more
information.

What functionality do we lose by deleting the cronjob?

What is the appropriate procedure for adding firewall rules that won't
be overwritten by the script, as an alternative to removing the script?

I can't seem to find any documentation anywhere other that what is
actually in the script.

Will the removal of this file break the functionality of the analog or
base-sitestats-scripts packages?

[john at bx1]# R:/etc/cron.hourly> rpmquery --whatprovides /etc/cron.hourly/log_traffic 
        base-sitestats-scripts-1.0-25BQ20.centos5
        [john at bx1]# R:/etc/cron.hourly> yum info base-sitestats-scripts
        Loaded plugins: fastestmirror
        Loading mirror speeds from cached hostfile
         * BlueOnyx: www.blueonyx.it
         * Solarspeed.net: mirror.smd.net
         * addons: mirror.steadfast.net
         * base: mirrors.gigenet.com
         * extras: yum.singlehop.com
         * updates: mirrors.tummy.com
        Installed Packages
        Name       : base-sitestats-scripts
        Arch       : noarch
        Version    : 1.0
        Release    : 25BQ20.centos5
        Size       : 58 k
        Repo       : installed
        Summary    : Server and site statistics for web, ftp, email, and network traffic
        License    : Sun modified BSD
        Description: This package contains the scripts for processing logfiles
                   : and monitoring network traffic and the php user interface for
                   : generating and viewing reports.
        

-- 
JW Simpson <john at swajime.com>
SwaJime's Cove℠

More information about the Blueonyx mailing list