periodic/security/550.ipfwlimit
Andriy Gapon
avg at icyb.net.ua
Tue Feb 22 00:36:49 PST 2005
550.ipfwlimit check in /etc/periodic/security takes into account only
global/default verbosity limit and does not account for a specific
logging limit set for a particular rule e.g.:
$ ipfw -a l | fgrep log
65000 *521* 41764 deny log logamount *1000* ip from any to any
$ sysctl -n net.inet.ip.fw.verbose_limit
*100*
>From security run output:
ipfw log limit reached:
65000 519 41672 deny log logamount 1000 ip from any to any
--
Andriy Gapon
More information about the freebsd-security
mailing list