periodic/security/550.ipfwlimit
550.ipfwlimit check in /etc/periodic/security takes into account only
global/default verbosity limit and does not account for a specific
logging limit set for a particular rule e.g.:
$ ipfw -a l | fgrep log
65000 *521* 41764 deny log logamount *1000* ip from any to any
$ sysctl -n net.inet.ip.fw.verbose_limit
*100*
>From security run output:
ipfw log limit reached:
65000 519 41672 deny log logamount 1000 ip from any to any
--
Andriy Gapon
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)