RT-AX88U 386.3_2 goes about 3-4 weeks before RAM fills up.

[theirongiant]

In the meantime, the only way to really nuke the IPsec logs is to kill & relaunch the daemon and hope that no one is connected at the time, or that their client will auto-reconnect.

admin@RT-AX88U-27B8:~# killall starter charon
admin@RT-AX88U-27B8:~# /usr/lib/ipsec/starter --daemon charon
admin@RT-AX88U-27B8:~# /usr/lib/ipsec/starter --daemon charon
Starting weakSwan 5.7.2 IPsec [starter]...

 

[RMerlin]

WTF...

The strongswan charon process appears to be holding the ENTIRE log file in memory and writing it back again to disk after it's been overwritten.

Observe...

admin@RT-AX88U-27B8:/jffs/scripts# ./logtrimmer.sh 100 "/var/log/strongswan.charon.log" ; ls -la /var/log/
+ LINES=100
+ LOGFILE=/var/log/strongswan.charon.log
+ [[ 2 -lt 2 ]]
+ tmpfilename=/tmp/mktemp.17559
+ tail -n 100 /var/log/strongswan.charon.log
+ cat /tmp/mktemp.17559
+ echo Log file /var/log/strongswan.charon.log has been trimmed to the last 100 lines.
Log file /var/log/strongswan.charon.log has been trimmed to the last 100 lines.
drwxr-xr-x    3 admin    root           180 Sep 27 17:13 .
drwxrwxrwt   19 admin    root           520 Sep 28 16:52 ..
-rw-rw-rw-    1 admin    root            11 Sep 27 18:40 commit_ret
drwx------    4 admin    root            80 May  4  2018 cores
srw-rw-rw-    1 admin    root             0 May  4  2018 log
-rw-r--r--    1 admin    root         76963 Sep 28 16:53 log.nmbd
-rw-r--r--    1 admin    root           288 Sep 27 17:13 log.smbd
-rw-r--r--    1 admin    root             0 Sep 27 17:13 samba.log
-rw-rw-rw-    1 admin    root          7724 Sep 28 16:55 strongswan.charon.log

...Spongebob Card: "a few moments later..."

admin@RT-AX88U-27B8:/jffs/scripts# ls -la /var/log
drwxr-xr-x    3 admin    root           180 Sep 27 17:13 .
drwxrwxrwt   19 admin    root           520 Sep 28 16:52 ..
-rw-rw-rw-    1 admin    root            11 Sep 27 18:40 commit_ret
drwx------    4 admin    root            80 May  4  2018 cores
srw-rw-rw-    1 admin    root             0 May  4  2018 log
-rw-r--r--    1 admin    root         76963 Sep 28 16:53 log.nmbd
-rw-r--r--    1 admin    root           288 Sep 27 17:13 log.smbd
-rw-r--r--    1 admin    root             0 Sep 27 17:13 samba.log
-rw-rw-rw-    1 admin    root      18795658 Sep 28 16:55 strongswan.charon.log

I just can't win...

Send a SIGHUP to the process after rotating the log.

 

[Slawek P]

Hi, I had to reboot AX88U every two weeks on 386.3_2 (clean upgrade). I have never investigated. I have upgraded to 386.4_alpha and it has been stable since

 

[ccleeland]

Thanks for the suggestion. I expanded on it a bit for a crontab and placed the script in the /jffs folder. Unfortunately, this did *not* shrink the log file as expected. I tried 100 lines, but it's still nearly 20MB.

Were there more than 100 lines in it?

That technique will work with a standard linux/unix syslog because that code does an `fseek` to end-of-file before every write, thus it properly detects file truncation (or shortening). If the logger that's used inside merlin doesn't use that practice and instead just adds from the last file pointer it had, then it will add to the last place and the file *size* won't shrink and you'll end up with a hole of either zero or gibberish in the space between.