Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3 not rotating logs

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chiwalfrm
      last edited by

      Running pfSense 2.1.5 (installed to hard drive using pfSense-LiveCD-2.1.5-RELEASE-amd64.iso)
      Everything at defaults.

      Installed squid3-dev (beta 3.3.10 pkg 2.2.8 platform: 2.0) package.
      Only changed Enable logging to yes.    Log rotate from blank to 7.

      It rotated first 2 days, then no more rotation.  The last rotation was a week ago.

      This is in my /var/squid/logs/ directory.

      [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(62): ls -altr
      total 180402
      drwxr-xr-x  7 proxy  proxy        512 Jan 11 22:34 ..
      -rw-r–---  1 proxy  proxy      3221 Jan 11 22:34 cache.log.1
      -rw-r-----  1 proxy  proxy      7278 Jan 11 23:16 access.log.1
      -rw-r-----  1 proxy  proxy        58 Jan 12 00:00 cache.log.0
      -rw-r-----  1 proxy  proxy    3380317 Jan 12 23:59 access.log.0
      -rw-r-----  1 proxy  proxy      8131 Jan 19 11:54 netdb.state
      drwxr-xr-x  2 proxy  proxy        512 Jan 19 11:54 .
      -rw-r-----  1 proxy  proxy      6348 Jan 19 12:24 cache.log
      -rw-r-----  1 proxy  proxy  181164755 Jan 19 12:24 access.log

      I looked for a crontab for the 'root' user and got nothing.

      [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(63): crontab -l
      crontab: no crontab for root

      How is the logs rotated if there is no crontab for root?  They rotated twice so wondering what happened.  Doing a manual rotation works fine in the shell "squid -k rotate" but I was hoping for the automated way.

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        Install cron package to see system cron.

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • C
          chiwalfrm
          last edited by

          I see cron is already installed and running (it came with the default installation).

          [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(5): ps aux | grep -i cron
          root   37323  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 240 /var/run/ping_hosts.pid /usr/local/bin/ping_hosts.sh
          root   37899  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.02 minicron: helper /usr/local/bin/ping_hosts.sh  (minicron)
          root   38642  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 3600 /var/run/expire_accounts.pid /etc/rc.expireaccounts
          root   38808  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.00 minicron: helper /etc/rc.expireaccounts  (minicron)
          root   39104  0.0  0.0  5784  1180  ??  Is    3:28PM   0:00.00 /usr/local/bin/minicron 86400 /var/run/update_alias_url_data.pid /etc/rc.update_alias_url_data
          root   39471  0.0  0.0  5784  1228  ??  I     3:28PM   0:00.00 minicron: helper /etc/rc.update_alias_url_data  (minicron)
          root   84722  0.0  0.0  7928  1620  ??  Ss    3:28PM   0:00.04 /usr/sbin/cron -s
          root   54230  0.0  0.0  9068  1468   0  S+    6:26AM   0:00.00 grep -i cron
          [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(6):
          
          

          I also found the crontab.  It turns out that it is in /etc/crontab:

          [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(12): more /etc/crontab
          SHELL=/bin/sh
          PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
          HOME=/var/log
          #minute hour    mday    month   wday    who      command
          #
          #
          # pfSense specific crontab entries
          # Created: January 19, 2015, 3:28 pm
          #
          
          1,31    0-5     *       *       *       root    /usr/bin/nice -n20 adjkerntz -a
          1       3       1       *       *       root    /usr/bin/nice -n20 /etc/rc.update_bogons.sh
          */60    *       *       *       *       root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
          1       1       *       *       *       root    /usr/bin/nice -n20 /etc/rc.dyndns.update
          */60    *       *       *       *       root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
          30      12      *       *       *       root    /usr/bin/nice -n20 /etc/rc.update_urltables
          0       0       *       *       *       root    /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
          */15    *       *       *       *       root    /usr/local/pkg/swapstate_check.php
          #
          # If possible do not add items to this file manually.
          # If you do so, this file must be terminated with a blank line (e.g. new line)
          #
          
          

          The squid line shows it is supposed to run at midnight every day.  But it is not running or maybe it is running but it is not rotating.

          1 Reply Last reply Reply Quote 0
          • C
            chiwalfrm
            last edited by

            I ran the command as shown in the crontab:/usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf

            …and the logs did not rotate.  No changes in /var/squid/logs/

            Then I shut down and restarted the squid service.  And ran the exact same command, and got a rotation.  So somehow it stopped responding to rotate command even though the proxy was running fine (access.log kept updating).

            1 Reply Last reply Reply Quote 0
            • marcellocM
              marcelloc
              last edited by

              Seems to be related to pbi, try to run from bin dir instead of sbin.

              /usr/pbi/squid-amd64/bin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf

              EDIT

              I've tested with both bin and sbin dir and it's rotating fine here.

              check what rotate options are saved on config file.

              grep -i rotate /usr/pbi/squid-amd64/local/etc/squid/squid.conf
              

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • C
                chiwalfrm
                last edited by

                There is no /usr/pbi/squid-amd64/bin/squid.

                [2.1.5-RELEASE][admin@pfSense.localdomain]/var/squid/logs(10): ls /usr/pbi/squid-amd64/bin/squid*
                ls: No match.
                

                Since I restarted squid on 1/20, it rotated once at midnight on 1/21, then no more rotations.  The access.log is still growing and the proxy server works fine.

                With the root user, running:
                /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
                does not do anything.  No errors or anything.

                # /usr/pbi/squid-amd64/sbin/squid -k rotate -f /usr/pbi/squid-amd64/etc/squid/squid.conf
                # 
                

                Notice no output above.

                # grep -i rotate /usr/pbi/squid-amd64/local/etc/squid/squid.conf
                grep: /usr/pbi/squid-amd64/local/etc/squid/squid.conf: No such file or directory
                # find / -name squid.conf -print
                /root/squid.conf
                /usr/pbi/squid-amd64/etc/squid/squid.conf
                # grep -i rotate /usr/pbi/squid-amd64/etc/squid/squid.conf
                logfile_rotate 7
                debug_options rotate=7
                
                
                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.