On Wed, 2005-01-12 at 10:52, Leonardo Rodrigues MagalhÃes wrote:
> Well, OK, squid is blocking them. But squid has a 2Gb log file
> limitation which, in some cases I experienced, was enough for only 5 hours
> of network traffic loaded with some of these virus/adware/spywares. After
> 2Gb of logs, squid dies and there it goes http browsing.
I'd be surprised if squid had any internal log limit size. Was this
on an old system with the 2Gb file limit in the filesystem? If so,
updating to something current would avoid this problem. But, if you
can identify the log entries you should probably use something like
swatch to note the source and block it with an iptables entry until
the virus is cleaned.
--
Les Mikesell
les@xxxxxxxxxxxxxxxx
