limited logging when using limit

Andrey V. Elsukov bu7cher at yandex.ru
Tue Oct 4 03:24:53 PDT 2005


Arvinn wrote:
> ipfw add pipe 5 log tcp from 200.0.0.0/7 to me dst-port 25 limit src-addr 2
> ipfw add allow log tcp from any to me dst-port 25 limit src-addr 10
> 
> All I get in syslog is:
> Sep 30 11:14:40 hostname drop session, too many entries

You can try this patch. ipfw will log session drops like the following:

Oct  4 14:15:44 hostname kernel: ipfw: drop session, too many entries (by rule 200)

-- 
WBR, Andrey V. Elsukov
-------------- next part --------------
--- sys/netinet/ip_fw2.c.orig	Mon Sep 13 11:21:17 2004
+++ sys/netinet/ip_fw2.c	Tue Oct  4 14:18:51 2005
@@ -1090,7 +1090,8 @@
 				if (fw_verbose && last_log != time_second) {
 					last_log = time_second;
 					log(LOG_SECURITY | LOG_DEBUG,
-					    "drop session, too many entries\n");
+					    "ipfw: drop session, too many entries (by rule %d)\n", 
+						rule->rulenum);
 				}
 				return 1;
 			}
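
Review bot: the new "(by rule %d)" suffix sits inside the `last_log != time_second` guard, so at most one message per second is emitted; if `last_log` is shared by all rules, the message names only the first limit rule that overflowed in that second. With two limit rules, as in the original question, drops caused by the other rule in the same second stay unattributed. Consider keeping the last-log timestamp per rule, or at least stating this limitation where the message is documented. Style: the first added line has trailing whitespace after the comma and runs past 80 columns, and the `rule->rulenum);` continuation is indented with an extra tab instead of the four-space continuation used by the string argument; putting the format string and its argument on consistently indented continuation lines would fix both.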

