Just a short note on FreeBSD's newsyslog and fail2ban, since I couldn't find this information on the interwebtubes.
Fail2ban does not respond to HUP, USR1 or any other signal to tell it about config or log changes. That sort of thing is done with fail2ban-client.
Newsyslog is geared towards the sending of signals, since that's what a *nix daemon would traditionally expect. Recently patched and working in newsyslog is the R flag, which allows you to provide a path to some executable instead of a PID file. Config for fail2ban in /etc/newsyslog.conf now looks like this:
# logfilename          mode count size when   flags [/pid_file] [sig_num]
/var/log/fail2ban.log  600  5     500  $W0D5  JR    /usr/local/bin/fail2ban-logrotate.sh
Contents of /usr/local/bin/fail2ban-logrotate.sh are simply:
#!/bin/sh
/usr/local/bin/fail2ban-client set logtarget /var/log/fail2ban.log >/dev/null
Something doesn't sit right about this approach but it appears to do the business. Better ideas welcome in the comments.
OpenBSD's newsyslog appears to allow any free form command as long as it's wrapped in double quotes. Handy.
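newsyslog normally runs as root from cron, so whatever path follows the R flag is executed as root after each rotation. The script below is an added example, not part of the original post: it lists every R-flag command in a newsyslog.conf and checks that each is a regular file owned by root and not writable by group or others. The function names and the `audit.sh` file name are made up for this example.

```shell
#!/bin/sh
# Added example: audit the commands that newsyslog's R flag will run.
# Field order follows the newsyslog.conf header comment shown above, plus
# the optional owner:group field after the log file name.

# Print the command path of every entry whose flags field contains R.
r_flag_commands() {
    awk '
        NF == 0 || $1 ~ /^[#<]/ { next }   # blank lines, comments, <include>
        {
            f = ($2 ~ /:/) ? 7 : 6         # owner:group shifts the flags field
            if ($f !~ /^\// && $f ~ /R/ && $(f + 1) ~ /^\//) print $(f + 1)
        }' "$1"
}

# Succeed only if $1 is a regular file (not a symlink), owned by uid $2
# (default 0, root) and not writable by group or others.
safe_rotate_cmd() {
    path=$1 want_uid=${2:-0}
    [ -f "$path" ] && [ ! -L "$path" ] || return 1
    info=$(ls -ldn "$path") || return 1
    mode=${info%% *}
    owner=$(printf '%s\n' "$info" | awk '{ print $3 }')
    [ "$owner" = "$want_uid" ] || return 1
    case $mode in
        ?????w*|????????w*) return 1 ;;    # group- or world-writable
    esac
    return 0
}

# Check every R-flag command in config $1; return 1 if any fails.
audit_newsyslog() {
    conf=$1 uid=${2:-0} rc=0
    for cmd in $(r_flag_commands "$conf"); do
        if safe_rotate_cmd "$cmd" "$uid"; then
            echo "ok     $cmd"
        else
            echo "UNSAFE $cmd"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh audit.sh /etc/newsyslog.conf
if [ $# -gt 0 ]; then audit_newsyslog "$@"; fi
```

The check covers the command file only; the directories leading to it need the same ownership and write restrictions.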
Wed, 26 Oct 2016 02:14