cvs commit: src/etc syslog.conf
Mike Silbersack
silby at silby.com
Tue Feb 22 08:20:57 GMT 2005
On Tue, 22 Feb 2005, Gleb Smirnoff wrote:
> Security: this change fixes a DoS condition, when default system
> console is serial, and box is flooded with bogus ARP
> packets
Go rate-limit those messages, like we do with other kernel messages. grep
for "ppsratecheck" in /usr/src/sys/kern to see the other users of that
function.
If losing information about the flood is an issue, you could use
ppsratecheck to ensure that a generic "arp flood" message goes to the
console, but the actual messages are sent with a lower priority.
Mike "Silby" Silbersack
More information about the cvs-src
mailing list