Feature #16269
closed
Separate file system (and pool) to isolate the logs, to not compromise the operating system !
0%
Description
Dear pfSense Dev Team!
Because from 2.8.0 and higher versions of pfSense installer was changed, what is the reason to NOT making a separate file system (and pool, if using ZFS) to isolate the logs, just so full logs could not compromise the operating system?
From pfSense product point of view this would be great advantage: in any situation the pfSense still working, even because some user’s missconfigurations or package’s bugs the logs become increasing rapidly and occupy more and more disk space.
Especially, this situation possible when Snort/Suricata used, or ntopng make much logging, or user switch on logging for most of firewall rules (for future analysis by external software)…
Netgate have a lot of statistics (because pfSense are really old-age software) about disk usage in hundreds of different scenarios, so deciding size of this separate filesystem/pool for logs would be VERY EASY. Especially for well-known hardware configurations like own Netgate-branded hardware. Or, button [ADVANCED] in installator would be VERY USEFUL for experienced pfSense’s users.
Updated by Jim Pingle 3 months ago
- Status changed from New to Rejected
- Priority changed from High to Very Low
The base system already will not exceed the logging limits configured in the settings by the user. If a package does not properly setup log rotation/cleanup that's a problem with the package or the user's configuration.
Logs are already placed in their own ZFS dataset. You can set a quota on a dataset if you want. There is no need for further isolation. Setting up a separate partition for that on UFS is more trouble than it's worth.
Trying to pre-determine what size is best for that is nearly impossible and irrelevant to most users. If someone is concerned about that, they can set their own limits.